As an IT administrator, perform the following steps to set up a CNAME and acquire a TLS certificate for your white-labeled domain:
- Define a CNAME record to the new white-labeled domain to
Apply this DNS change within your domain.
For example, if your white-labeled domain should be accessible from
analytics.example.comand you are using a North American datacenter, create a CNAME to point from that destination to
example.na.gooddata.com, for the European datacenter, use
For more information, see GoodData Datacenters and Data Loading and IP Whitelisting.
- Generate a Certificate Signing Request (CSR) file. This file is required as a part of the request to a certificate authority for issuing a TLS certificate.
- Acquire a TLS certificate for the new domain.
This certificate must have the following characteristics:
- Be in PKCS12 format (preferred)
- Common Name (CN) of the certificate must be the new white-labeled domain (e.g.
- Contain both public and private components
It is your responsibility to acquire the CSR file, private key, and certificate. As GoodData cannot acquire or generate these assets for you, we suggest that you use publicly available knowledge resources. For example, searching the Internet for "Key and CSR Generation Instructions" yields sufficient results. If you still need help, contact GoodData Support.
- Send the following items to the person managing the white-labeling process with GoodData Support:
- Confirmation of CNAME creation
Both the certificate and the corresponding private key in PKCS12 or PEM format (preferred), in an encrypted form
We strongly recommend that you encrypt both the public and the private components. The private key contains sensitive information, which an unauthorized person can use to impersonate the server identity. To encrypt, you can use the GoodData PGP key or another encryption method available on your side.
For the guidelines on how to encrypt a document using PGP, see the GNU Privacy Handbook.