- A sub-domain of your existing top-level domain name is preferable for branding purposes – e.g. secure.abc.org, where www.abc.org is the main website.
- If you select a sub-domain, you must already own the top-level domain name.
- The subdomain cannot be a wildcard.
- A new secure certificate is required, even if you’ve previously had one issued for this domain. Due to both technical restrictions as well as security best practices, it is not possible to reuse an existing certificate.
- One secure hostname will serve all of your Luminate application secure pages.
- If you use MultiCenter, all Centers will share the same secure hostname. We recommend, therefore, that you choose one that is generic enough like secure.abc.org, rather than one that may only make sense in certain contexts like donate.abc.org.
Create a CNAME record pointing to xyz-live.convio.net, replacing "xyz" with your organization's Luminate shortname.
- Your shortname is the code that uniquely identifies your organization's instance of Luminate
- Find it by looking at the URL for one of your existing online donation forms. In this example, the shortname is "xyz": https://secure2.convio.net/xyz/site.
3. Provide required certificate contact information
|Domain Name||The domain name to be used as the secure hostname||secure.abc.org|
|Organization Name||The official legal name of your organization (including suffix - e.g. Inc., LLC, etc.)||The ABC Foundation|
|Department||Particularly for larger organizations, a way to further identify ownership||Development|
|Street Address||Street address for your organization's legal headquarters||123 Main Street, Suite 200|
|City||The name of the city where your organization is legally headquartered (fully spelled, no abbreviations)||Washington|
|State/Province||The name of the state where your organization is legally headquartered (fully spelled, no abbreviations)||District of Columbia|
|Country||The two-letter ISO code for the country where your organization is headquartered||US|
|Phone Number||Main Corporate phone number||202-555-1212|
|Link to WhoIs Record||https://www.whois.com/whois/ - confirm all the info within this record is correct and set to public.|
If the information is not correct or not public, you'll need to work with your IT department or the registrar to ensure it's accurate.
|First Name||First name of the site administrator||Jonathan|
|Last Name||Last name of the site administrator||Smith|
|Domain Admin Email||Email for person who will receive certificate notifications. Must be an organizational email; no free firstname.lastname@example.org|
|Domain Admin Phone Number||Organization phone number for person who will approve SSL certificate purchase||202-555-1212|
You must have the following email addresses available in your domain and the mailbox associated with each account must be monitored for incoming mail:
- Blackbaud SSL admins will place a request with the certificate authority (DigiCert or GeoTrust) for the new SSL certificate.
- The certificate authority will reach out to the designated contact at your organization to authorize the certificate. This contact must respond to the certificate authority (DigiCert or GeoTrust) or they will not provide the certificate to Blackbaud.
- After the certificate is authorized, the certificate authority will provide Blackbaud with the SSL certificate.
- Blackbaud SSL admins will configure and install the SSL certificate on the Luminate servers.
- For new Luminate customers: If you have not yet updated your DNS because your secure hostname is being moved from another website to Blackbaud, your Blackbaud implementation consultant will help to coordinate the update at this time. We will time your changes with ours to minimize any disruption caused by re-pointing the domain name. Due to the architecture of the Internet itself, any DNS change may take up to 24 hours to “propagate” and so it takes a while for visitors to find out that a website has changed locations. During this time, some might see the old site, some might see the new site, and some might see no site at all.
- For current Luminate customers: When we “switch on” your new secure domain, we’ll put a permanent redirect in place. This will direct the old secure URL (https://secureX.convio.net) to your new secure URL for secure pages. There may be very brief issues with domain redirection on your site as this redirect is set up. You don’t want to time this when you have a major marketing campaign going on or expect intense event activity.
- Redirects – in places where you have multiple simultaneous redirects in place pointing to the same page, the addition of another could cause things like form actions to break. How many is “too many” chained redirects? Six or seven redirects may be too many.
- Customizations – if you have scraped any forms, you will need to verify the form actions
- API – If you have API-based applications or integrations, you need to update the target URL from https://secure3.convio.net/xyz/site/abcAPI to https://secure.abc.org/site/abcAPI, where secure.abc.org is your new secure domain and abcAPI is the specific Luminate Online API being used. If you worked with a partner who did the API work for you, please discuss potential impacts with the partner before we make the URL change.
- Welcome Series – check links in welcome series
- External facing marketing assets and materials that use the old domain … check form actions, ensure you won’t have multiple redirects (it’s hard to define “too many” … as few as possible = always ideal).
If you are using the Luminate Online APIs to submit donations, action alerts, surveys, etc. then you will need to change the target URL from https://secure3.convio.net/xyz/site/abcAPI to https://secure.abc.org/site/abcAPI, where secure.abc.org is your new secure domain and abcAPI is the specific Luminate Online API being used.
6. Ongoing maintenance
- We automatically submit the renewal to the certificate authority (DigiCert or GeoTrust) 90 days in advance of expiration.
- The certificate authority will reach out to the certificate contact at your organization to validate the renewal. You will need to authorize the renewal with the certificate authority, as you did in Step 4.
- f you do not respond to the certificate authority, your domain will be at risk of expiring, Blackbaud will email your certificate contact three times – 14 days, 7 days, and 3 days before expiration – to remind him or her to authorize the renewal.