.png){kind=logo}
Setting up a Vanity URL
When your customer hits cancel, we'll redirect them to a cancel page hosted on Brightback. Make it look and feel like they are never leaving your site by setting up a custom domain with a CNAME.
e use LetsEncrypt and all customer certificates and private keys are encrypted at rest and in transit.
Setting up your CNAME
We'll need to work together to make sure your Cancel Page is secure by setting up SSL. As for your part, you'll need to create a new CNAME record with your DNS provider. A CNAME record tells computers that when someone types in your custom domain (e.g. cancel.example.com) that you want it to actually reach out to the Brightback page site address custom.prod.brightback.com.
When you create the CNAME in your DNS, you'll be prompted to insert a host name or subdomain. Continuing with the example above, cancel would be the subdomain.
You'll also be asked to add a destination. For this value, that's where you enter custom.prod.brightback.com.
In other words, we're simply setting up a rule that says: If a customer visits cancel.example.com, they should see the page located at custom.prod.brightback.com.
Here are some links to some popular DNS help pages on adding a CNAME to point you in the right direction. If you're using a different DNS, let us know and we'll be happy to help you find the right instructions to make sure you're in the right place!
- Rackspace Cloud DNS: Create DNS records with Cloud DNS
- GoDaddy: Domains Help: Add a CNAME record
- Hover: Managing DNS records
- Bluehost: What Is A CNAME - How To Create & Edit CNAME
Let us know when you've created the CNAME, and we’ll enable your cancel experience to begin using the custom domain.
Special Instructions - CAA Records
What is a CAA record?
“CAA records allow domain owners to declare which certificate authorities are allowed to issue a certificate for a domain. They also provide a means of indicating notification rules in case someone requests a certificate from an unauthorized certificate authority. If no CAA record is present, any CA is allowed to issue a certificate for the domain. If a CAA record is present, only the CAs listed in the record(s) are allowed to issue certificates for that hostname.
CAA records can set policy for the entire domain or for specific hostnames. CAA records are also inherited by subdomains. For example, a CAA record set on example.com also applies to any subdomain, like subdomain.example.com (unless overridden). CAA records can control the issuance of single-name certificates, wildcard certificates, or both.”[1]
How do I tell if my domain is configured to use a CAA record?
You can use any number of DNS lookup tools to search for the CAA record of your domain (if one exists). Below is an example using the CLI tool dig:
$ dig +noall +answer example.com caa example.com. 1800 IN CAA 0 issue "digicert.com"
If the response is empty, stop here! You're good to go. Let us know you've added the CNAME record and we'll enable it for your account. If the results of the domain lookup include issue along with the name of a certificate authority, then your domain is configured with CAA protection. If the issuer is a certificate authority other than letsencrypt.org, you’ll need to take additional action in order to use a vanity domain with Brightback.
What do I need to do if my domain is configured with a CAA record?
If you have created a Certificate Authority Authorization (CAA) record for your domain, you’ll need to perform one of the following steps in order to use a vanity domain with Brightback:
- Amend the CAA record in domain root to include LetsEncrypt.
- Google Domains: Create or edit a resource record with Google Domains
- GoDaddy: Change a CAA record
example.com. 1800 IN CAA 0 issue "letsencrypt.org"
The vanity domain would then be an equivalent to cancel.example.com.
OR
2. Create a new subzone containing the CAA record, which will contain the CNAME record that points to custom.prod.brightback.com.
subzone.example.com. 1800 IN CAA 0 issue "letsencrypt.org"
In this example, your vanity domain would end up being configured as <hostname>.<subzone>.<domain>.<tld>, i.e. cancel.subzone.example.com.