+ Start a Discussion
BradCBradC 

CNAME SSO for customer portal

We are working on whitelisting the customer portal. We want to do two things, use a custom CNAME for the portal and also use SSO to automatically log our customers into the portal.

 

 

I have both of these items working, but not together. I can sign users in via SAML SSO to the case portal (but the URL shows up as https://ssl.salesforce.com...) not our CNAME. I can also access the portal via the CNAME (but then they aren't authenticated).

 

According to http://wiki.developerforce.com/page/CRC:SSO#Use_Cases.2F_Scenarios_and_Appropriate_Solution_Options, both options are possible. My question is, can both be done at the same time?

 

The problem I'm noticing is when we set the SAML login URL to http://supportcases.domain.com, it won't sign in. I ran the SFDC SAML verfication query and got this as the result: 

 

However, when I change the login URL to https://ssl.salesforce.com, then it stays on the ssl.salesforce.com domain instead of my supportcases.domain.com CNAME.

 

Any ideas?

 

Thanks much!

 

Brad

bob_buzzardbob_buzzard
You won't be able to use a custom URL with SSL. The problem is that the SSL negotiation takes place at a lower level than HTTP, and is based on the IP address rather than the server name header.