Unless initially requested, your intranet URL will be provisioned in the Oak.com domain for your site via a CNAME (e.g. yoursitename.oak.com). You may have a requirement to change it, and thus we provide the following options:
1) To change the CNAME (yoursitename.oak.com) to another available CNAME (somesite.oak.com) within the Oak.com domain.
2) Change to the Oak provided CNAME (yoursitename.oak.com) a custom URL, either one that you have purchased (e.g. somesite.com) or a subdomain of an existing domain you own (e.g. somesite.yourdomain.com).
For either request, if your site hasn’t gone live – Then there should be little considerations about timing, if you are live and if your login method is affected by the change, then consider about making this change out of hours and arranging this with our client services team to ensure someone is on hand to make the change and to repoint your site.
Please note to ensure the following:
- There are no ‘hard links’ on your site where they include the full path of the site (e.g. in custom content)
- Any documentation or IT infrastructure is available to cater for the change (e.g. a group policy for the default homepage for your staff)
- Staff are aware that the change is happening
For option 1):
When this change is made, some of Oak’s services will be affected, so you should consider the following points:
- Any SAML connection you have configured needs to be amended – The Entity ID as well as either the ACS URL or SSO URL will change to the new primary endpoint for your site, depending on the type of SAML connections you have. So, you’ll need someone who is able to make these changes on your Identity Provider(s) and Service Provider(s) to update these details.
- Email’s sent will contain the new links to the site (Please note older emails will continue to resolve to your intranet as we keep the old URL in place for a set amount of time).
- If you have one or more OIS (Oak Integration Services) installed, they will need to be reinstalled (We have separate guidance on how to do this, please request it). If you have strict firewall restrictions that specifically specify the outbound connections from the installed location of OIS, these will need to be adjusted too.
We’ll agree a date/time to make the change over (Please give notice if required to be out of hours). The old URL will continue to be accessible for some time following the change.
For option 2:
All considerations for the above, but it’s more complex.
You need access to manage the DNS of the domain you which to use. If you are planning to use an apex domain (e.g. somesite.com) then you need to be able to point it to a CNAME (Please check with your DNS provider on the steps how to do this). If it’s a subdomain (e.g. somesite.yourdomain.com), then you’ll need to create a CNAME entry. We typically use your existing yoursitename.oak.com as the CNAME we ask you to point it to but in some cases, we’ll provide you with a different one.
Regardless of the option chosen, as the site is accessed through HTTPS and is in another domain out of our control, we will need a certificate that allows us to enable SSL. This certificate is installed on our webservers by our engineers (If this is in a subdomain, you may use an existing wildcard certificate or choose to purchase one specifically for that URL).
If you create the certificate yourselves – it must be 2048 bit and provided to us in the form of a PFX which can be securely uploaded to us (https://upload.oak.com) along with the password to import it (we recommend a secure zipped file that is sent over another medium).
We can also make a CSR request on your behalf if you’re able to provide the following information;
Once the request has been created, we’ll send CSR file back to you via a secure link so you can purchase the certificate through a provider then send the files required to complete the CSR back to us.
Once we deploy your certificate across our infrastructure (Please allow up to 3 working days), and confirm the URL resolves correctly with your site, we’ll agree a date/time to make the change over. The old URL will continue to be accessible for some time following the change.
Comments
0 comments
Please sign in to leave a comment.