How to Configure your DNS in the Trust Center

In this article, you will learn how to configure your DNS settings within the Trust Center.

Part 1: Domain Ownership Validation

The first step you will need to take is to verify your domain ownership.

This involves adding a DNS TXT record to your domain’s DNS zone to confirm you have control over it. 

1.) Enter your company domain and select 'Submit Domain'.

Note: View how your domain is integrated within the Scytale domain on the right side. This enables the activation of the Trust Center and its features.

2.) Copy the TXT Record Name and Value from Scytale. 

3.) Next, navigate to your domain’s DNS settings and add a new TXT record using the Record Name and Value you copied from Scytale.

Part 2: Customize your Domain

Each customer's Trust Center operates as a subdomain under the Scytale domain, with SSL traffic secured by Scytale’s certificate.

Part 2 involves customizing the domain provided by Scytale and is split into 2 steps.

  1. Set Up URL Proxying
    Configure a CDN or reverse proxy to manage the Scytale URL. During this process, integrate your company’s SSL certificate to ensure secure and encrypted connections. This setup guarantees that access to your customized domain is securely proxied.
  2. Configure a DNS CNAME Record
    Once the proxy setup is complete, configure a DNS CNAME record. This record should point your customized subdomain, such as trust.example-domain.com, to the CDN or reverse proxy established previously. This configuration ensures that your domain is correctly recognized and routed across the internet.
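
A quick way to confirm both records before relying on the custom domain, as an added example that is not Scytale's own tooling: the script reads saved `dig +noall +answer` output and checks the Part 1 TXT value and the Part 2 CNAME target. Every record name, value and hostname in it is a constructed placeholder, and the rule that the CNAME must not point straight at the Scytale domain assumes the CloudFront or reverse proxy layout.

```python
import shlex

# Constructed sample in `dig +noall +answer` format; all names and values are placeholders.
SAMPLE = '''\
_verify.company.com. 300 IN TXT "placeholder-" "token-value"
trust.company.com. 300 IN CNAME D111EXAMPLE.cloudfront.net.
'''

def norm(name):
    """DNS names compare case-insensitively; ignore the trailing root dot."""
    return name.strip().rstrip(".").lower()

def parse_answers(text):
    """Return {(owner, type): [rdata, ...]} from dig answer lines."""
    records = {}
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) < 5 or parts[0].startswith(";"):
            continue  # skip blank, short and dig comment lines
        owner, _ttl, _cls, rtype, rdata = parts
        if rtype == "TXT":
            # Long TXT values come back as several quoted chunks; join them.
            rdata = "".join(shlex.split(rdata))
        else:
            rdata = norm(rdata)
        records.setdefault((norm(owner), rtype), []).append(rdata)
    return records

def check(text, txt_name, txt_value, subdomain, proxy_host, scytale_host):
    """Return a list of problems; an empty list means both records look right."""
    recs, problems = parse_answers(text), []
    if txt_value not in recs.get((norm(txt_name), "TXT"), []):
        problems.append("TXT record missing or value differs (values are case-sensitive)")
    targets = recs.get((norm(subdomain), "CNAME"), [])
    if not targets:
        problems.append("no CNAME found for " + subdomain)
    elif norm(scytale_host) in targets:
        problems.append("CNAME bypasses the proxy and points straight at the Scytale domain")
    elif norm(proxy_host) not in targets:
        problems.append("CNAME points at unexpected target: " + ", ".join(targets))
    return problems

if __name__ == "__main__":
    print(check(SAMPLE, "_verify.company.com", "placeholder-token-value",
                "trust.company.com", "d111example.cloudfront.net", "company.scytale.example"))
```

With a proxied Cloudflare record, public resolvers return Cloudflare addresses instead of a CNAME, so only the TXT check applies to that setup.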

How to Set Up CDNs and NGINX as a Reverse Proxy

Using Cloudflare CDN

Step 1: Create a CNAME Record

Set up a CNAME record with your DNS provider to point your custom subdomain to the correct server.

  • Log in to your Cloudflare account.
  • Select your domain (e.g., company.com).
  • Go to DNS settings and Add record:
      • Type: CNAME
      • Name: trust
      • Target: Trust Center Domain under Scytale (Part 1)
      • Proxy Status: "Proxied" (🔶 Orange Cloud enabled)
      • TTL: Auto

Note: If you use another DNS provider (like GoDaddy, Cloudflare or Namecheap):

Log in to your DNS provider's dashboard, go to DNS settings and add a new CNAME record:
      • Host: trust
      • Target: Use the specific endpoint provided by your service, like <random-string>.cloudfront.net
 

Step 2: Set Up SSL/TLS 

  • Using Cloudflare’s Free Universal SSL (Recommended):

    • In your Cloudflare dashboard, go to SSL/TLS then Edge Certificates.
    • Turn on "Full (Strict)" mode to secure all connections.
    • If the certificate is provided by Cloudflare, you’re all set!
  • Uploading Your Own SSL Certificate:

    • Still in SSL/TLS settings, select Origin Server.
    • Click Upload Custom SSL Certificate
    • Paste your certificate (CRT) and private key (KEY)

Using AWS CDN (CloudFront)

Step 1: Set Up SSL/TLS 

  • Creating a New SSL Certificate

    • Go to AWS Certificate Manager (ACM)
    • Select Request a certificate and then select Request a public certificate
    • Enter trust.company.com
    • Choose DNS Validation (recommended)
    • Select Request
    • Note: Use Create record in Route 53 if you’re using Route 53
  • OR Uploading Your Own SSL Certificate:
    • Go to ACM and select Import Certificate
    • Upload:
      • Certificate body (.pem)
      • Private key
      • Certificate chain (optional)
    • Note: Make sure the certificate is in the same region as your CloudFront distribution.

 

Step 2: Create a CloudFront Distribution

  • Go to the AWS CloudFront Console
  • Select Create Distribution
  • Under Origin Settings add:
    • Origin domain: Trust Center Domain under Scytale (Part 1)
    • Origin protocol policy: HTTPS Only
  • Alternate Domain Names (CNAMEs)
    Add trust.company.com
  • Custom SSL Certificate:
    The certificate you created/imported in ACM.


Step 3: Update your DNS (Create CNAME Record)

Option 1: If using Route53 (AWS DNS)

  • Go to AWS Route 53, select Hosted Zones and company.com
  • Select Create Record and choose CNAME.
  • Enter the following:
    • Record name: trust
    • Value: <random-string>.cloudfront.net (CloudFront domain)
  • Select Create Record

Note: If you use another DNS provider (like GoDaddy, Cloudflare or Namecheap):

  • Log in to your DNS provider's dashboard, go to the DNS settings for company.com.
  • Add a new CNAME record:
      • Host: trust
      • Target: Use the specific endpoint provided by your service, like <random-string>.cloudfront.net