Setting up a Vanity URL

When your customer hits cancel, we'll redirect them to a cancel page hosted on Brightback. Make it look and feel like they are never leaving your site by setting up a custom domain with a CNAME.  

Send us the custom domain you'd like to use for your cancel page, like, and we'll apply it to your account on the backend. We use LetsEncrypt and all customer certificates and private keys are encrypted at rest and in transit.

Setting up your CNAME

We'll need to work together to make sure your Cancel Page is secure by setting up SSL. As for your part, you'll need to create a new CNAME record with your DNS provider. A CNAME record tells computers that when someone types in your custom domain (e.g. that you want it to actually reach out to the Brightback page site address

When you create the CNAME in your DNS, you'll be prompted to insert a host name or subdomain. Continuing with the example above, cancel would be the subdomain.

You'll also be asked to add a destination. For this value, that's where you enter

In other words, we're simply setting up a rule that says: If a customer visits, they should see the page located at

Here are some links to some popular DNS help pages on adding a CNAME to point you in the right direction. If you're using a different DNS, let us know and we'll be happy to help you find the right instructions to make sure you're in the right place!

Note: Once you save the CNAME, it can take up to  24 hours to propagate and properly point to Brightback, but changes may take effect in as little as an hour. If you see any TTL settings when setting up your CNAME, set those as 300s.

Let us know when you've created the CNAME, and we’ll enable your cancel experience to begin using the custom domain.

Special Instructions - CAA Records

What is a CAA record?

“CAA records allow domain owners to declare which certificate authorities are allowed to issue a certificate for a domain. They also provide a means of indicating notification rules in case someone requests a certificate from an unauthorized certificate authority. If no CAA record is present, any CA is allowed to issue a certificate for the domain. If a CAA record is present, only the CAs listed in the record(s) are allowed to issue certificates for that hostname.

CAA records can set policy for the entire domain or for specific hostnames. CAA records are also inherited by subdomains. For example, a CAA record set on also applies to any subdomain, like (unless overridden). CAA records can control the issuance of single-name certificates, wildcard certificates, or both.”[1]


How do I tell if my domain is configured to use a CAA record?

You can use any number of DNS lookup tools to search for the CAA record of your domain (if one exists). Below is an example using the CLI tool dig:

$ dig +noall +answer caa		1800	IN	CAA	0 issue ""

If the response is empty, stop here! You're good to go. Let us know you've added the CNAME record and we'll enable it for your account. If the results of the domain lookup include issue along with the name of a certificate authority, then your domain is configured with CAA protection. If the issuer is a certificate authority other than, you’ll need to take additional action in order to use a vanity domain with Brightback.

What do I need to do if my domain is configured with a CAA record?

If you have created a Certificate Authority Authorization (CAA) record for your domain, you’ll need to perform one of the following steps in order to use a vanity domain with Brightback:

  1. Amend the CAA record in domain root to include LetsEncrypt.		1800	IN	CAA	0 issue ""

The vanity domain would then be an equivalent to


2. Create a new subzone containing the CAA record, which will contain the CNAME record that points to		1800	IN	CAA	0 issue ""

In this example, your vanity domain would end up being configured as <hostname>.<subzone>.<domain>.<tld>, i.e.

Additional reading

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.