Cloudflare: share branded links with Https

Avatar
David
Follow

Add Https to your Custom Short URLs for free with Cloudflare

 

Natively Rebrandly does not support custom SSL certificates for domains. But if you need to share your branded links in https, for example https://mybrandedDomain.com/abcd and you have expertise with DNS management, we suggest the following workaround/integration:

  1. If not done yet purchase your domain with Rebrandly OR configure the DNS of a domain (or subdomain) you already own.
  2. Wait until the DNS changes are propagated.
  3. Subscribe to Cloudflare and follow their domain wizard.
  4. Add your domain to Cloudflare in wizard (Step#1). You must add the main domain name even if you are using a subdomain (e.g. you have to setup mydomain.com even if you only have something.mydomain.com (a subdomain) on Rebrandly).
  5. Wait about 60 seconds for Cloudflare to load your current DNS records, then confirm your DNS records in the wizard (Step #2)
  6. Select a Cloudflare plan in wizard (Step #3). Free one is a valid option too.
  7. In step #4 Cloudflare communicates two of nameservers to configure on your current domain control panel. If you purchased your domain with Rebrandly, please tell us the nameservers and we’ll update them for you. If you purchased your domain with another domain provider, please access your panel and update nameservers accordingly.
  8. Wait for the nameservers update to take place (may take up 24 hours). You should receive an email by Cloudflare when done. 
  9. Your domain is now ready to work with Rebrandly in Https (no change to be made Rebrandly side, as Cloudflare will provide SSL layer). Http can be used as well. 


Note:
If you want to share your links as https:// by default, you can follow the steps in this article.

Useful optimization:  
only if you are using your main domain as the custom URL shortener.
This procedure is NOT valid if you are using a subdomain (eg.: subdomain.mydomain.com).

Cloudflare allows you to forward your main/naked domain name (e.g. mydomain.com) to Rebrandly directly. Your current configuration, instead, will perform a double redirect (mydomain.com => www.mydomain.com => then Rebrandly). To improve your links redirection:

1) Delete the Rebrandly A record
2) Change your current CNAME record to use name/hostname “@” (same address as before).

 

Important Warning! 
Do not change the main DNS settings for a live website or blog. This will immediately disconnect the domain from the host, meaning your website will go down. Rebrandly, or any other URL shortener, does not work on an active website, it only works on a domain that is "empty" or not in use.

 

For any question please contact us

 

This article is about:

  • SSL/Https for custom short URLs (Branded links)
  • How to share my rebrandly links using https
  • SSL certificate with Rebrandly branded domains
  • Custom short links with ssl/https
  • How to create branded links (custom short URLs) that include https:/ (SSL encryption) 
  • Cloudflare and Rebrandly

Also read:

 

Have more questions? Submit a request

3 Comments

Date Votes
  • 0
    Avatar
    Narender Singh

    How does rebrandly figure out that the DNS is correct and working? Since when we want to use SSL, we'll need to set Cloudflare as DNS + HTTP Proxy.

    In this case, Cloudflare will not expose the IP address of the origin. So, how does the system find out that now the DNS is all done, I should allow the user to import or start creating branded shortlinks?

     

    Edited by Narender Singh
  • 0
    Avatar
    Narender Singh

    >> Wait for the nameservers update to take place (may take up 24 hours). You should receive an email by Cloudflare when done. 

    > Cloudflare only sends an email now when the domain is added. No additional notification is sent after that when the domain starts receiving traffic. At least it didn't send any for 10 of my domains recently added to Cloudflare.

     >> (no change to be made Rebrandly side, as Cloudflare will provide SSL layer)

    > But changes are needed at cloudflare end. For me, cloudflare had the domain setup with SSL FULL setting which looks for a certificate on the origin server and if there is none, the connection will not go through. SSL Flexible should be setup there so that only the connection b/w visitor and cloudflare is secure and cloudflare then communicates insecurely with the origin.

    Also, after doing the rebrandly setup, I am facing an error "SSL_ERROR_INTERNAL_ERROR_ALERT" with HTTPS. Most probably this is appearing up because cloudflare has not yet generated a certificate for the domain or it is yet to be added to their main certificate which gets presented to the browsers. So, I guess you should clearly mention that the SSL certificate issuance will take a longer time and if the domain works on HTTPS, it still might not work over HTTPS. I'm giving cloudflare another few hours and see if the issue is sorted.

    Also, for somebody migrating from bit.ly, rebrandly promises downtime of shortened links. Because you do not allow an import to be made unless and until your system confirms that the DNS changes have been made and it gets propagated. If I change nameservers now, Rebrandly takes like 12 hours before finally confirming that the change is made. It will then allow me to import ot create bitlinks.

    Can you not make it simpler? Add domain, import, change DNS, let the DNS propagate and the traffic faces no downtime.

     

    Last - You should start offering certificates from your end instead of requiring the user to pass his traffic through cloudflare. Security cannot be disabled on free plans. This will cause at least some part of the traffic to be presented with secuirty verification (captcha) which I don't really prefer. Since we have LetsEncrypt, I don't think it is too hard to issue a free certificate from rebrandly's side.

    Edited by Narender Singh
  • 0
    Avatar
    Gianni Fiore

    Hi Narender,
    trying to answer your questions.

    Yep CloudFlare would hide us DNS because it manages them at application levels. Have different ways to check it. We generally recommend users to configure domains with their current provider and then moving to CloudFlare.

    About CloudFlare confirmation email, we will have some tests about it, thanks.

    Yep we also experienced some time it takes more than 24h to have SSL certificates generated and ready. Will add some more notes, also about security modes to configure, thanks.

    Every domain in Rebrandly should be DNS-verified to become part of your account. That's why bitly links import is not an exception to this. If you have very strict no-downtime requirements, we could arrange some pre-configuration for domains.
     
    Thanks for your suggestion, Rebrandly SSL is something still in progress, will have lot of cool features and news in the future.
     
    Best,
    Gianni
Please sign in to leave a comment.