End Users who visit a Kayako OnDemand may experience the inability to perform certain functions like changing the language on the page. This could be caused by not utilizing a valid SSL certificate for a custom domain. If you are using Kayako OnDemand and would like to use a custom domain URL for your Kayako instance, you must purchase your own SSL certificate.
In this article, we will walk you through the steps of adding a custom SSL certificate, once you have purchased the add-on.
SSL (Secure Sockets Layer) is the standard protocol used to establish a secure connection between a web server and a browser. In friendly terms, this means that any information passing from one source to the other is encrypted and can only be decrypted by the intended party. The data will be rendered unreadable by anyone maliciously snooping on the back-and-forth traffic.
As part of your Kayako Classic OnDemand instance, your helpdesk is currently protected by a “wildcard” SSL certificate. This certificate covers our domain (www.kayako.com) and any sub-domains we have (www.[yourdomain].kayako.com.)
That said, we know you have spent a lot of time (and money!) building up your brand, and we also know that a large part of that is your online presence — including your website domain. That is why we have added the capability for OnDemand customers to use custom SSL certificates for their own support domains. Coupled with our footer link removal package, you can now retain the company branding that your customers know and love, while still receiving the world-class functionality, support, and security that Kayako OnDemand provides.
Adding a custom SSL certificate to your OnDemand instance is available as a paid add-on. Reach out to firstname.lastname@example.org to talk to someone about adding it to your OnDemand instance.
Enabling your custom SSL for your OnDemand instance
Once you have added the custom SSL add-on to your subscription, there are several steps you will need to go through in order to enable SSL for your OnDemand instance. Below, you will find detailed instructions.
Updating Your Domain’s DNS Records
First, you will need to make a few adjustments to the DNS records for your domain. You will need administrative access to your domain host.
To update your DNS records:
- Log in to your domain host and navigate to the DNS records for your site.
- In order to ensure that your changes are propagated as quickly as possible, edit the TTL (Time To Live) for your domain so it is as low as it will go.
- Create a new CName record to point your custom helpdesk subdomain (e.g.,
support.[yourcompany].com) at the subdomain for your OnDemand instance (
- The steps for this process will vary, depending on your host, but the new CName record should look similar to the following:
- Record Name:
- CName Host:
- Record Name:
- Once you have created the new record, it can take 24-48 hours for the DNS changes to propagate around the internet, which means some of your customers may be unable to view the helpdesk during that time. However, if you have set the TTL as low as you can, as we recommend above, that will help speed things up.
Provide Your SSL Certificate
You will need to provide our support team a copy of your SSL certificate, so they can add it to the server where your OnDemand instance lives. You should be able to download a copy of your SSL certificate from your domain host.
In order for our team to enable SSL, your certificate must:
- Be for the correct domain (the one being used in the CName record you just added).
- Have a valid date, which does not expire for at least another month.
- Be from a trusted Certification Authority.
- Be downloaded and provided to us in a format for Linux/Nginx.
- Contain both the private and public keys.
Once you have your certificate, reach out to our support team, so we can add it to your OnDemand instance and let you know when it is ready to go.
Updating Your Settings in Kayako Classic Download
If you are a Classic Download customer, once your DNS changes have taken effect and our team has added your SSL certificate, you will need to update the base URL for your support site:
- To install your certificate, you can follow the general guidelines or request help from your certificate issuer to get installed in Apache Server.
- Log into your Admin CP and keep the tab open to keep the session active.
- Go to your MySQL database.
- Run the following query (replace the URL accordingly):
SET data = 'https://[newURL].com' WHERE vkey = 'general_producturl'
- Rebuild your Kayako cache by opening the following link in a browser (replace the URL accordingly):
- Open to your new base URL; the portal should be functioning correctly with the updated URL.