Domain and SSL options

Introduction

This document discusses the various domain scenarios the Clinch Talent platform supports. Clinch Talent has been designed to install seamlessly into your existing infrastructure and domain structures.

However, due to the way that web cookies operate on the internet, there are a number of restrictions that apply if you want to track candidates across your web properties.

This document will use a fictitious company Acme, with a domain of  acme.com.

Security

The Clinch Talent platform  requires an SSL on each domain it’s hosted on.

Option 1: Default domain

Clinch Talent ships with a default domain of  career-pages.com, so without any further configuration Acme’s pages are available on acme.career-pages.com.

This default domain automatically has a wildcard SSL certificate available, so no further configuration is needed, and all pages are available only on  https protocol.

Pages on this domain automatically track people and content heatmaps.

Career-pages was chosen as a non-Clinch Talent-branded generic domain. In general, customers prefer to use custom options.

Option 2: Custom dedicated domain

Clinch Talent can be deployed to a custom dedicated domain, in the format <domain>. For example, Acme might choose to deploy to  my-acme-career.com.

This configuration requires a domain SSL certificate from the company for the specific dedicated domain being used (my-acme-career.com).

This certificate can have  Extended Validation (EV), if required.

The SSL certificate (private key, public certificate) will need to be installed onto the Clinch Talent platform. Clinch Talent Support ( support@clinchtalent.com) can assist in this process.

This means that Clinch Talent landing pages would be available on URLs like https://careers.acme.com/about.

An important limitation of this deployment option, to note, is that because there is a domain difference between acme.com and  my-acme-career.com, the external tracking script won’t be able to tracking candidates behavior between the domains.

Option 3: Custom company sub-domain

Note: This is the most widely deployed and recommended option.

Clinch Talent can be deployed to a custom sub-domain, in the format,  <subdomain>.<domain>. For example, Acme might choose to deploy to careers.acme.com.

This configuration requires an SSL certificate from the company. There are two options of certificates that can be used:

  • A wildcard SSL for the company domain, that allows any subdomain (*.acme.com) to use SSL (Wildcard SSL). For security reasons, Extended Validation (EV) certificates are not available for wildcard domains.
  • A domain SSL for the specific custom subdomain being used (careers.acme.com). This certificate can have Extended Validation (EV).

The SSL certificate (private key, public certificate) will need to be installed onto the Clinch Talent platform. Clinch Talent Support ( support@clinchtalent.com) can assist in this process.

This means that Clinch Talent landing pages would be available on URLs like  https://careers.acme.com/about.

In this configuration, because the Clinch Talent platform is on a company sub-domain, the Clinch Talent External Tracking Script, can be installed onto any other product within the company's domain, to track candidate behavior between the sites and Clinch Talent.

For example, if Acme has product pages on www.acme.com and Clinch Talent on careers.acme.com, they can track candidates that interact with both properties. This is because the Clinch Talent tracking cookie will be presented to all products with the tracking script on  *.acme.com.

Summary of domain options

 

Domain example

SSL Cert Required

Candidate Tracking

Content Heatmaps

External Tracking Script

Default

acme.career-pages.com

Supplied

Yes

Yes

No

Dedicated Domain

my-acme-career.com

Yes

Yes

Yes

No

Sub-domain

careers.acme.com

Yes

Yes

Yes

Yes

Still need help? Contact Us Contact Us