function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
StephenBStephenB 

Question re SSL and custom domain name

We are going to start using Sites to capture some personal details, so this will facilitate using SSL in the form. We will want to use a custom domain name to mask the force.com site (eg. subscribe.ourdomain.com instead of site.secure.force.com)

 

I know that force.com has its own SSL certificate for *.force.com, however my concern is that if we override with a custom domain name, the browser will see an inconsistency between the URL (ourdomain.com) and the SSL certificate for force.com, and display an ugly 'exception' page (which most browsers now do - IE7/8, FF3).

 

Is there any way to get round this? Will this even be an issue with custom domain names? We are not in live yet so I can't properly test this case, however would be interested to get some feedback from the SFDC sites product team on this... :)

 

Thanks

Stephen

Best Answer chosen by Admin (Salesforce Developers) 
BulentBulent

hosting custom SSL certs means we need to reserve IP addresses and manage these certs on salesforce end. Currently we are not ready to support this.

If you need to use SSL using https://<yourdomain>.secure.force.com is your only option. 

Message Edited by Bulent on 09-18-2009 07:28 AM

All Answers

paul-lmipaul-lmi
there's no way around this until SF starts supporting custom SSL certs/names.
BulentBulent

hosting custom SSL certs means we need to reserve IP addresses and manage these certs on salesforce end. Currently we are not ready to support this.

If you need to use SSL using https://<yourdomain>.secure.force.com is your only option. 

Message Edited by Bulent on 09-18-2009 07:28 AM
This was selected as the best answer
Ron WildRon Wild

Hi Bulent,

 

I see your post on this topic was from a year ago .... has support for custom SSL certificates been added since then?

 

Thanks,

Ron

 

AghaAAghaA

Same here.  When will this be supported.

colemabcolemab

@StephenB - Did you use a portal site or a public site to pull the information in?  If you used a public site, I would be interested to see how you got SSL to work on SFDC's public sites w/o authenticating users. 

 

This is because I have a ticket open with support for HTTPS public sites redirecting to HTTP site when user isn't authenticated.

wmintunwmintun

It is amazing to me that Salesforce can't pull this off, but the little start up you bought recently (desk.com) which is supposed to be for the small business market only DOES!!! Salesforce should be embarrassed.

 

Please fix this. At this point - its not a feature request - its a bug.

 

- W

Santhosh KumarSanthosh Kumar

Agree with you @wmintun. It has been around 2.5 years since this post originally posted and still that capability is not available. It should be viewed as a bug in this age that https is not supported as many companies don't like http even for static content publication.

Danny IncompanyDanny Incompany

Hi Bulent, I think this isn't ready yet. What you guys think about putting the custom domain in an external hosting service, add the SSL and then create a single page with an iframe that will contain the address of the secure address (i.e mysite.secure.force.com). Any implications on this?

 

We have a customer that has made a huge investment on a development we made and now that we are ready this problem came up, customer needs their https://mydomain.com however seems that this is not possible.

 

Any ideas will be greatly appreciated.

wmintunwmintun

The biggest implication is that the iFrame size is going to be static. And if your displayed page has dynamic content (or in my case, it is a survey with hidden divs that show up dynamically based on what you select in previous questions). Because of this limitation of salesforce, my survey looks pretty fugly.

 

The iFrame has to be as tall as the survey could ever possibly get. So the person just taking it and not getting a lot of follow up questions is on a page the scrolls and scrolls and scrolls for no reason.

 

I'd love to figure out a way to make the iFrame grow with the embedded content. But I'd love it even more if Salesforce would support customer secure domain names.

 

- W

Danny IncompanyDanny Incompany

Thanks, looking around I don't think that iframe is an option, due that my app is an ecommerce site and putting everything in an iframe will not be indexed by Google, so no SEO for a ecommerce site is not an option.

 

I am looking forward to fix it in a way so that customer will navigate through the non SSL domain and when he is ready to buy, the URL will change to mydomain.secure.force.com

 

I think this can be done by rewriting the URL

 

http://blogs.developerforce.com/developer-relations/2010/05/url-rewriting-for-your-customizing-your-site-urls.html

 

Cheers!

 

Dan

carlostcarlost

Is this feature already planned?

We really need this ASAP!

-ct-