+ Start a Discussion
JWykelJWykel 

Custom URL with HTTPS on Force.com

I've created a custom URL for my site following the directions in this article (https://help.salesforce.com/apex/HTViewSolution?urlname=Setting-Up-Custom-Domains-for-Salesforce-Sites-and-Setting-up-HTTPS-Support-for-Branded-Custom-Domains&language=en_US).  However, it says in step #1 to point to a particular CNAME.  The problem is that when I type the CNAME into a browser the destination is unreachable - I don't want to setup a CNAME when the destination is unreachable because I believe this will take our website offline?  Also, when I followed step 3 of the article to add HTTPS support it does not work - the site still directed to Secure.Force.Com and does not have a custom URL.  Below are more details about my setup.  Do you guys know why the CNAME is unreachable?  Also, can you figure out why the custom URL is not working with SSL?

*** SALESFORCE SETUP ****

DOMAINS:
labrix.force.com [CANNOT EDIT]
labrix.secure.force.com [CANNOT EDIT]
www.labrix.com [CAN EDIT; HAS www.labrix.com CERT INSTALLED]

SITES
http://labrix.force.com [CAN EDIT [SET TO Require Secure Connections (HTTPS)]]

CUSTOM URLS
labrix.force.com [CANNOT DELETE [SET TO Require Secure Connections (HTTPS)]]
labrix.secure.force.com [CANNOT DELETE [SET TO Require Secure Connections (HTTPS)]]
www.labrix.com [SET TO Primary Custom URL]

*** DOMAIN REGISTRAR SETUP ****

REGISTERED DOMAIN:  labrix.com

HOST
@ => 174.129.25.170 (wwwizer.com)

CNAMES
www => labrix.force.com

TXT
salesforceid => {our unique key}
Best Answer chosen by Shashank (Salesforce Developers) 
JWykelJWykel
For anybody else having this problem, here is how to solve it (what support doesn't seem to know):

1.  The CNAME will be unreachable if you are working with a domain created before 2013; you will need to delete this domain and recreate it after setting your CNAME to www.example.com.000000000000aaaaaa.live.siteforce.com or whatever is specified when you edit the domain.  You may also have to toggle the site as inactive/active.

2.  If you purchase a certificate and it comes in two files, you must take the certificate part and put it at the top of the intermediate certificate chain (basically take the smaller file and put its contents at the top of the larger file)

All Answers

ShashankShashank (Salesforce Developers) 
Hi,

This is Shashank from Salesforce. There seems to be a certificate related issue in your case. When I check your url "https://www.labrix.com/" in this diagnostic tool, it says "Certificate does not match name www.labrix.com". Please try it yourself and you may have to check with your certificate provider regarding this: https://www.digicert.com/help/

Please let me know how it goes.

Thanks,
Shashank
Salesforce.com
JWykelJWykel
We have a labrix.com cert. installed.  The CNAME is incorrect - pointing to your cert. (force.com) on our site which is causing the error.  Why is the CNAME destination (e.g. www.example.com.000000000000aaaaaa.live.siteforce.com) specified by your documentation unreachable?
JWykelJWykel
For anybody else having this problem, here is how to solve it (what support doesn't seem to know):

1.  The CNAME will be unreachable if you are working with a domain created before 2013; you will need to delete this domain and recreate it after setting your CNAME to www.example.com.000000000000aaaaaa.live.siteforce.com or whatever is specified when you edit the domain.  You may also have to toggle the site as inactive/active.

2.  If you purchase a certificate and it comes in two files, you must take the certificate part and put it at the top of the intermediate certificate chain (basically take the smaller file and put its contents at the top of the larger file)
This was selected as the best answer