Recruitment MarketingPublic
This article discusses the various domain scenarios the Recruitment Marketing platform supports. The module has been designed to install seamlessly into your existing infrastructure and domain structures.
However, due to the way that web cookies operate on the internet, there are a number of restrictions that apply if you want to track candidates across your web properties.
This document will use a fictitious company, Acme, with a domain of acme.com.
Security
The Recruitment Marketing platform requires an SSL on each domain it’s hosted on.
Configuring your careers site CNAME for Recruitment Marketing
New customers with no Recruitment Marketing hosted careers site
If you have an existing CNAME for your non-recruitment marketing careers site and would like to continue using it for your new careers site to be hosted on the Recruitment Marketing platform, then your IT Engineer will need to ensure the CNAME is configured on your DNS so that it points to Recruitment Marketing. Contact your PageUp representative to provide you with the Recruitment Marketing DNS records.
Existing customers of PageUp using legacy careers
If you have opted to move from your legacy careers to Recruitment Marketing, and you intend to use the same CNAME, then contact your PageUp representative to assist with the migration of your careers site. On your Go Live day, anywhere you have your careers site linked on your corporate website, we recommend that you update those URLs to e.g., companyname.careers.com
Options
There are 3 available options, summarized below and in more detail further down the page.
Summary of domain options
| Domain example | SSL Cert Required | Candidate Tracking | Content Heatmaps | External Tracking Script | |
| Default | acme.career-pages.com |
Supplied | Yes | Yes | No |
| Dedicated Domain | my-acme-career.com |
Supplied | Yes | Yes | No |
| Sub-domain | careers.acme.com |
Supplied | Yes | Yes | Yes |
Default domain
Recruitment Marketing ships with a default domain of career-pages.com, so without any further configuration, Acme’s pages are available on acme.career-pages.com.
This default domain automatically has a wildcard SSL certificate available, so no further configuration is needed, and all pages are available only on https protocol.
Pages on this domain automatically track people and content heatmaps.
Career-pages was chosen as a non-Recruitment Marketing-branded generic domain. In general, customers prefer to use custom options.
Custom dedicated domain
Recruitment Marketing can be deployed to a custom dedicated domain in the format <domain>. For example, Acme might choose to deploy to my-acme-career.com.
The SSL certificate is generated on your behalf via Amazon Managed Certificates. More information on this process is detailed below.
This means that Recruitment Marketing landing pages would be available on URLs like https://careers.acme.com/about.
Note:
An important limitation of this deployment
option is that because there is a domain difference between acme.com
and my-acme-career.com, the external tracking script
will not be able to track candidates' behaviour between the domains.
Custom company sub-domain
Note:
This is the most widely deployed and recommended option.
Recruitment Marketing can be deployed to a custom sub-domain in the format <subdomain>.<domain>. For example, Acme might choose to deploy to careers.acme.com.
The SSL certificate is generated on your behalf via Amazon Managed Certificates. More information on this process is detailed below.
This means that Recruitment Marketing landing pages would be available on URLs like https://careers.acme.com/about.
In this configuration, because the Recruitment Marketing module is on a company sub-domain, the Recruitment Marketing External Tracking Script can be installed onto any other product within the company's domain to track candidate behavior between the sites and Recruitment Marketing.
For example, if Acme has product pages on www.acme.com and Recruitment Marketing on careers.acme.com, they can track candidates who interact with both properties. This is because the Recruitment Marketing tracking cookie will be presented to all products with the tracking script on *.acme.com.
SSL Certificate
Automated SSL Certificate Generation and Renewal
This is the preferred method for managing SSL certificates within the Recruitment Marketing module. PageUp generates SSL certificates on your behalf via Amazon Web Services Managed Certificates. This is a simple process where your IT team creates a DNS entry that authorizes Recruitment Marketing to then complete the process.
The benefits of this process is that Recruitment Marketing absorbs the cost of the certificate and the certificate renews automatically each year, as long as the DNS entry is still in place.
The steps involved are:
- Recruitment Marketing generates an SSL certificate and provides a DNS entry to the client.
- Your IT team adds a DNS entry, which must be completed within 72 hours.
Following successful validation, your Recruitment Marketing representative will complete the necessary provisioning steps.
Manual SSL Certificate Generation and Renewal
Whilst the automated process described above is the preferred and recommended approach, you may find that your organization's IT Security Policies prevent you from being able to utilize the automated approach.
In these rare occasions, it is possible for you to generate your own SSL certificate using the vendor of your choice, and upload that SSL certificate directly to your Recruitment Marketing site.
Where possible, this approach should be avoided for the following reasons:
- Your SSL Certificate will not automatically renew.
- You will need to manually track the expiry date of your SSL certificate.
- You will need to generate a new certificate and ensure it is manually uploaded before the previous certificate expires.
If your manually generated and uploaded SSL certificate expires before a new certificate is uploaded, your careers site will become inaccessible to visitors.
For information on how to upload a manually generated certificate, refer to Managing Manually Generated SSL Certificates.
FAQs
If 3 days pass after expiry without the DNS record being re-added, the certificate cannot be renewed.
- Login to the Recruitment Marketing system
- Click on Menu
- Click on Settings, under the Company header
- Click on Company Contact.
For manually generated certificates, reminders will be sent 60, 30, 15, 10, 5 and 1 day(s) before the expiry of the current certificate.
For automatically renewed certificates, under normal circumstances no reminder will be sent, as the certificate will renew automatically around 45 days before the expiry of the existing certificate. If the certificate fails to renew, reminders will be sent 30, 15, 10, 5 and 1 day(s) before the expiry of the current certificate. Please refer to the information in the email for the likely causes of the failure to renew.
Once the expiring certificate has been replaced or has successfully renewed, the reminders will no longer be sent.
Refer to AWS Certificate Manager (ACM) for more information.
PageUp uses AWS ACM to ensure that we can scale the provision and operation of SSL Certificates to all clients seamlessly.
ACM allows for quick provision, auto-renewal and no custom certs from multiple clients, suppliers and Certificate Authorities to manually manage.
Troubleshooting
A CAA record defines which certificate authorities may generate certificates on behalf of your domain and/or sub-domain. If a CAA record exists for your domain or sub-domain, it needs to include at least one of the following entries:
- amazon.com
- amazontrust.com
- awstrust.com
- amazonaws.com
Once the CAA record has been updated, your certificate should successfully generate or renew.
Comments
Article is closed for comments.