Domains, DNS and SSL

Adding a custom domain with SSL and optional Direct DNS


CNAME Record

Domain names are a simple global address book. Names pointing to numbers.

Now imagine if you looked up "Joe" in your address book and it said "see Joe's Dad, Frank." You had to call Joe's Dad in order to get Joe's number. This took extra time.

A CNAME record is the easiest way to point your own domain (or a subdomain) to your Kintura instance. The one drawback is that it's slower because it adds an additional lookup to the initial request. If this is to your campaign tracking link, it can add 10-100ms to your redirect time. If this is okay for you or you're just starting out that's fine -- just point a new CNAME entry to yourinstance.kintura.com and make sure your domain is added under Domains in the Kintura Console.

It's a little different based on where you manage your DNS. Most people these days manage DNS at the registrar itself. Here are some specific instructions:

Using Kintura Global Latency-optimized DNS

If you demand global < 50ms redirects with a custom domain, you will need to avoid CNAME DNS records. You need to have us connect your custom domain directly into our global network of latency-optimized load balancers. Using our direct DNS requires pointing your root domain to our nameservers so you'll lose the ability to point individual subdomains, etc.

This is now handled via self-service in the Domain Settings. Kintura will give you a list of Amazon Name Servers to use for your domain.

Below is an example of entering these "custom" name servers into the GoDaddy DNS console.

SSL Certificates

Kintura lets you manage domains and SSL certificates in real-time. When you edit your SSL certificate information in the console, you're updating our global network of load balancers directly.

Before you can use any of the Kintura SSL features, you must have your domain name pointed to Kintura by either a CNAME record or contact support for your own Direct DNS NS servers.

Using Free SSL Certificates
Simply check the "Use Let's Encrypt" box and "Update" button and our servers will attempt to negotiate with the Let's Encrypt API to secure an SSL certificate on your behalf. In doing so, we will manage our own DCV (Domain Control Validation).

Using your own SSL Certificate
In order to use your own SSL Certificate you will need to generate a CSR by entering your information into the CSR form. Please be as accurate as possible as your SSL Certificate Authority may compare this information against your billing information. You can experiment with this if SSL certificate information is a privacy issue for you. This is your business. When you generate the CSR you will have what you need to order your SSL Certificate.

Once your Certificate Authority has your CSR they will provide you with DCV (Domain Control Validation) info. You will usually be given a file with a special filename and told to upload it to your server. Rather than upload the file, you'll be giving Kintura the contents of that file so we can provide it to your Certificate Authority. You can now see why the DNS needs to be correct before you can continue.