# Establishing a Signicat subdomain

# Overview

Signicat offers Signicat subdomains, which allow customers to run their complete integration with Signicat's ID portal on their own subdomain.

A subdomain is part of a domain, where a domain defines a realm of administrative autonomy or authority on the Internet. Similarly, the name of the subdomain must reflect the domain it belongs to. The domain name system has a tree structure or hierarchy, with each node on the tree being a domain name. By definition, a subdomain is a domain that is part of a larger domain.

A Signicat subdomain will be a part of the customer's own company domain, even if it is physically located in Signicat's operational environment. If the company's domain name is yourdomain.com, the default name of the Signicat subdomain will be signicat.yourdomain.com.

# Advantages

The advantage of having a Signicat subdomain, rather than our standard solution, is that the login and signature web pages appear as belonging to the company itself. The end-user will have a coherent experience of being on the same website when logging in or signing documents, and will not be sent to an external website during these processes.

In addition, since the user stays on the same domain during the whole process, the redirect will be perceived as less intrusive, and give a more unified user experience.

A third important advantage of having your own subdomain is that there will be no need for the end-user's browser to accept third-party session cookies. Without the use of a subdomain, the browser must be set to accept third-party session cookies, as Signicat's authentication service will be accessed through an iframe.

# The process

The following is the recipe for establishing a new subdomain for a customer. The same process will also be used if you have ordered more than one subdomain.

  1. In order to start the process, we need to know the name of the subdomain and the certificate parameters of the SSL certificate from you. Below are some restrictions/ comments you should take into consideration:
    1. We recommend a descriptive name for the subdomain, such as signicat.yourdomain.comsecure.yourdomain.com or eid.yourdomain.com.
    2. The name of the subdomain must be lower case.
    3. At a minimum, you should specify the parameters Country (C), State/Province (ST), Locality/City (L), Organization (O) and Common name (CN) in the certificate.
    4. Common name (CN) of the certificate must be equal to the name of the subdomain.
  2. Signicat orders an IP address and a DNS alias under the signicat.cloud for the subdomain and creates a private key and a certificate request (CSR) in our protected production environment. We will send the CSR to your technical contact person by email. Signicat guarantees that the private key will never leave our production environment.
  3. You order an SSL certificate from your preferred certificate issuer using the CSR from Signicat. The certificate could be an ordinary high encryption certificate or an EV certificate. The certificate will be installed on an Apache platform at Signicat. If your integration with Signicat is running inside an iframe, the certificate should be equally as strong as the certificate of the web page that hosts the iframe.


It is important that the certificate issuer and the certificate are well known and included in the standard installs of the most commonly used browsers (Chrome, Firefox, Safari, Opera, Internet Explorer etc.), as well as in the newest Java installs.

  1. When you receive the certificate from the certificate issuer, you should forward it to support@signicat.com. This is the public part of the certificate and is safe to send in an email.
  2. Signicat installs the certificate and prepares the subdomain in our production (or test) environment.
  3. You register the subdomain in own your DNS, for example: <your subdomain> CNAME <DNS-alias>. As a fictive example, assuming your Company's name is Somename, your subdomain is secure.somename.com and you have been given the DNS alias secure-somename-com.signicat.cloud by Signicat Support, your DNS should be configured as follows: click-to-zoom
  4. Signicat changes your configuration to use the new subdomain. The Signicat URL will change from https://id.signicat.com/std to, for example https://secure.somename.com/std.


This task may need synchronization between you and Signicat.

If you have further questions, contact us at support@signicat.com.

Last updated: 4/12/2021, 1:26:53 PM