Engaging Networks is migrating its infrastructure through the Cloudflare network. This is a service that allows us to enable new security protocols for our clients, and utilise closer monitoring of web traffic through the domains you use with Engaging Networks.
While previously we’ve used our own SSL certificates and those provided by you to protect your domains, integration with Cloudflare now means that we can further streamline this process by simply providing a DNS record for you to point your domain at. Cloudflare then manages SSL encryption of traffic through its servers automatically, which means no more certificate renewals need to be managed between us and you once this DNS record is set. Following the successful migration of our Dallas data centre clients last month, we’ll be continuing this migration process for all Toronto data centre clients throughout July/August 2021.
If we’ve reached out to you about updating your domain, we’ll initially provide you with two TXT records that you’ll need to add to your domain’s DNS to pre-authorise your new Cloudflare certificate. Once that’s been added and authorised, the next step is deleting the A record that you’re currently pointing at our servers. We’ll have let you know which domain this A record is for and the IP address it will be pointed at, but typically this record will look something like this (where the example subdomain is act.yourdomain.org):
Immediately after deleting this record, you’ll need to create a CNAME for your subdomain in the A record’s place with the value ca.engagingnetworks.app, as here:
Important notes on downtime
As you’re having to first remove an A record for your subdomain, and then replace it as a CNAME – because your registrar will not allow both record types for the same domain simultaneously – there will be some downtime incurred for your pages using this domain while these record changes propagate. The extent of that downtime will vary from one registrar to the other depending on the TTL setting that’s used for your DNS records (for more information on that, please reach out to your registrar’s support), however during our initial tests we’ve found that downtime usually doesn’t exceed 15-30 minutes for most registrars.
Because of this, we’re advising that clients choose a time that suits them for the A record to CNAME changeover, so that any downtime is at an off-peak window for their pages. But, this needs to be done during standard office hours.
Testing that your pages are authenticated
In order to test that the set-up is working once your DNS records have propagated, please load one of your Engaging Networks pages using your domain in a browser and locate the certificate details from the padlock icon in your address bar, as here for example:
From here you’ll be presented with a window showing your certificate details, which should now be issued by Cloudflare as here:
If, for whatever reason, you find this not to be the case then please revert back to your previous A record. This will point your domain back at our Toronto server directly, where your original certificate will still reside. Please then reach out to Josh on the contact details below for more details:
Josh Miller – [email protected]
Under The General Data Protection Regulation (GDPR) you have the right to object to the appointment of any new sub-processors within thirty (30) days of supplying you with the details. Failure to respond within the thirty (30) day period will be deemed consent to the appointment of the new sub-processors. We supplied all impacted clients on July 7, 2021.