Other

Signicat Subdomain

856 views August 8, 2017 October 19, 2018 2

Signicat offers Signicat Subdomain, which allows customers to run their complete integration with Id.Signicat on their own subdomain.

A subdomain is part of a domain, where a domain defines a realm of administrative autonomy or authority on the Internet. Similarly, the name of the subdomain must reflect the domain it belongs to. The domain name system has a tree structure or hierarchy, with each node on the tree being a domain name. By definition, a subdomain is a domain that is part of a larger domain, and the only domain that isn’t also a subdomain is the root domain.

A Signicat subdomain will be a part of the customer’s own company domain, even if it is physically located in Signicat’s operational environment. If the domain name is mycompany.com, the default name of the Signicat Subdomain will be signicat.mycompany.com. The root domain is not limited to .com. Domains such as .no, .se, .dk, .fi, etc. are also valid.

Advantages

The advantage of having a Signicat subdomain, rather than our standard solution, is that the login and signature web pages appear as belonging to the company itself. The end user will get the feeling of being on the same website when logging in or signing documents, and not being sent to another unknown site during these processes.

In addition, since the user is staying on the same domain during the whole process, the redirection itself will be perceived as less intrusive, and give a more unified user experience.

A third important advantage of having your own subdomain is that there will be no need for the end-user’s browser to accept third-party session cookies. Without the use of a subdomain, the browser must be set to accept third-party session cookies, as Signicat’s authentication service is accessed through an iframe.

The process

The following is the recipe for establishing a new subdomain for a customer. We will use the same process also if you have ordered more than one subdomain.

    1. In order to start the process, we need to know the name of the subdomain and the certificate parameters of the SSL certificate from you. Below are some restrictions/ comments you should take into consideration:
      1. We recommend a name for the subdomain, such as signicat.yourdomain.comsecure.yourdomain.com or eid.yourdomain.com.
      2. The name of the subdomain must be lower case.
      3. At a minimum, you should specify the parameters Country (C), State/Province (ST), Locality/City (L), Organization (O) and Common name (CN) in the certificate.
      4. Common name (CN) of the certificate must be equal to the name of the subdomain.
    2. Signicat orders an IP address and a DNS alias under the signicat.cloud for the subdomain and creates a private key and a certificate request (CSR) in our protected production environment. We will send the CSR to your technical contact person by email. Signicat guarantees that the private key will never leave our production environment.
    3. You order an SSL certificate from your preferred certificate issuer using the CSR from Signicat. The certificate could be an ordinary high encryption certificate or an EV certificate. The certificate will be installed on an Apache platform at Signicat. If your integration with Signicat is running inside an iframe, the certificate should be equally as strong as the certificate of the web page that hosts the iframe. Note that it is important that the certificate issuer and the certificate are well known and included in the standard installs of the most commonly used browsers (Chrome, Firefox, Safari, Opera, Internet Explorer etc.), as well as in the newest Java installs.
    4. When you receive the certificate from the certificate issuer, you should forward it to support@signicat.com. This is the public part of the certificate and is safe to send in an email.
    5. Signicat installs the certificate and prepares the subdomain in our production (or test) environment.
    6. You register the subdomain in own your DNS, for example:
      <your subdomain> CNAME <DNS-alias> As a fictive example, assuming your Company’s name is “Somename”, your subdomain is secure.somename.com and you have been given the dns-alias secure-somename-com.signicat.cloud by Signicat Support, your DNS should be configured as follows:
    7. Signicat changes your configuration to use the new subdomain. The Signicat URL will change from https://id.signicat.com/std to, for example, https://secure.somename.com/std.

Note: This task may need synchronization between you and Signicat.

If you have further questions, please contact Signicat Operations at support@signicat.com.

Was this helpful?