Custom Domains and SSL

TalentLMS supports a functionality called domain mapping, which allows you to use your own domain name instead of the TalentLMS subdomain offered by default. This is common practice if you want to white-label your solution.

On top of that, we offer the ability to secure your custom domain via an SSL certification. This is an advanced feature that is offered only on Premium Plan upwards.

SSL Certificates, sometimes called digital certificates, are used to establish a secure encrypted connection between a browser (user's computer) and a server (website). The SSL connection protects sensitive data, such as credit card information or passwords, exchanged during each visit (session). It also increases the end user perception about the quality of your site as it provides a green lock icon on the browser’s toolbar.

In order to activate SSL for a domain, some custom work is needed from both our sides. It also requires technical knowledge. The process involves an SSL certification that you need to obtain from a third party provider. We need to host this SSL in our infrastructure.

In theory, anyone can certify a certificate. It’s called self-certifying but isn’t always the greatest idea. So most systems including browsers don’t by default trust a self-certified certificate and produce suitably scary error warnings. Instead, the internet relies on Certificate Authorities who act a bit like an underwriter, confirming the details of the certificate (nearly always for a fee, of course).

There are many types of SSL certifications and a number of Certificate Authorities. A few known Certificate Authorities are GeoTrust, Comodo, Symantec and Thawte. All major domain provider allows you to buy an SSL certification from various Certificate Authorities directly within their admin interface (e.g., GoDaddy, NameCheap).

Step by step process

(A) Make sure you have setup a custom domain mapping within TalentLMS. You are getting an SSL certification for that domain. If you use branches you may have to get a wildcard (or STAR) certification that handles all custom domains.

(B) You inform us about your intention to use SSL for your custom domain and we provide you with a CSR (this stands for Certificate Signing Request and is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate).
The data we need from you to produce the CSR is as follows:

• Hostname (e.g., this is the custom domain mapped within TalentLMS)
• E-mail address
• Organization name
• Organizational Unit (optional)
• City
• State or Province
• Country

(C) You use the CSR  (if needed, source: apache mod_ssl) in order to complete the SSL generation process. This happens by communicating directly with your SSL provider. The process varies between SSL providers but at the end of the process you will get one (or more) certifications.

(D) You send the certification to us. We need to install it directly to our backend for the SSL to take effect.  

Feedback and Knowledge Base