Vanity Domain Onboarding

The setup of a vanity domain within the nCrypted Cloud service requires a few steps be complete. The customer and nCrypted Cloud each have tasks that must be completed.


  1. Choose a name for the domain: For example,
  2. Create DNS records for the chosen domain: The record should be a CNAME and resolve to The usage of a CNAME record allows for the nCrypted Cloud service to scale and change as required without impact to the customer. This record must be created in external and internal DNS as required by the customer.


Once the record has been created, the output of a DNS lookup (host, dig, nslookup) will look similar to the following:

$ host is an alias for


  1. Obtain SSL certificate for chosen domain: This certificate will be used to serve those chosen domain. The certificate must be purchased by the customer and provided to nCrypted Cloud. The certificate must come from a recognized external certificate authority (CA) entity such as DigiCert, Thawte, or Entrust.
    1. Generate a CSR for the certificate: A CSR is a certificate signing request and is used to request a new certificate from the CA. The customer may generate the CSR as part of the process or alternately nCrypted Cloud will generate the CSR on the customers behalf. If nCrypted Cloud will be generating the CSR for the customer, the following information must be provided by the customer and will be used to generate the CSR. Once generated, nCrypted Cloud will provide the CSR to the customer.




Common Name (CN)

Country (C)


State/Country/Region (ST)


City/Locality (L)


Organization/Company (O)

Insured Health Group

Organizational Unit/Group (OU)

Information Technology

Email (emailAddress)


  1. Request SSL Certificate from CA
  2. Provide SSL Certificate to nCrypted Cloud: When the certificate for the vanity has been issued, it must be provided to nCrypted Cloud. In order to the vanity domain to function properly, the following are required:
    1. Server Certificate: This is the certificate for the vanity domain
    2. Private Key: The private key that accompanies the Server Certificate
  • Intermediate and Root CA Certificates: To build a full trust chain, all intermediate and root CA certificates provided by the CA must be given to nCrypted Cloud. Optionally a fully bundled certificate may be provided.
  1. Creation of Organization: After the above steps have been completed, nCrypted Cloud will create the organization and load the SSL certificate enabling the vanity domain.
Have more questions? Submit a request


Please sign in to leave a comment.
Powered by Zendesk