This guide provides technical instructions for the implementation of custom domain mapping (e.g., sign.yourcompany.com) to achieve a fully immersive, white-labeled signing experience.
Prerequisites
- Active Enterprise subscription tier.
- Assigned Admin or Owner role.
- Administrative access to your organization's DNS provider (e.g., Cloudflare, Route53, GoDaddy).
Strategic Overview
The ultimate level of organizational branding in IUSign is the implementation of a Custom Domain. By mapping your own corporate subdomain to the IUSign infrastructure, you ensure that recipients never see the iusign.com URL in their browser's address bar. This "Total White-Labeling" significantly enhances recipient trust, maximizes brand consistency, and reinforces the authority of your digital transactions. In this configuration, IUSign acts as a transparent engine powering your own branded signing portal.
Implementation Sequence
1. Domain Specification
Navigate to Admin Dashboard → Custom Branding → Domains.
- Input your desired subdomain (e.g.,
sign.acme.com). - The IUSign engine will generate a set of unique DNS records (CNAME and TXT) required to validate your ownership and route traffic.
2. DNS Orchestration
Access your DNS management interface and create the records provided by IUSign:
- CNAME Record: Maps your subdomain to the IUSign secure proxy (e.g.,
sign.acme.com→proxy.iusign.com). - TXT Record: Used for Domain Validation and SSL certificate issuance.
[!IMPORTANT] DNS propagation can take between 1 and 24 hours depending on your TTL settings. Do not finalize the activation in IUSign until the records are fully propagated.
3. SSL/TLS Synthesis
Once the DNS records are detected, IUSign automatically initializes the issuance of a dedicated SSL/TLS certificate for your subdomain via our integrated Certificate Authority. This ensures that all traffic to your custom domain is encrypted using industry-standard TLS 1.3.
4. Activation and Validation
Select Verify and Activate in the IUSign dashboard.
- Result: All future invitation links will utilize your custom domain (e.g.,
https://sign.acme.com/view/TOKEN). - Fallback: IUSign maintains the original
iusign.comlinks as a secondary fallback to ensure 100% uptime.
Technical Specifications: Custom Domain Engine
| Component | Technical Implementation |
|---|---|
| Traffic Routing | Secure Reverse Proxy. |
| Encryption | Automated Let's Encrypt / Managed SSL. |
| Protocol Support | TLS 1.2 and 1.3 enforced. |
| Link Integrity | High-entropy tokens maintained across domain mappings. |
Strategic Considerations for Enterprise Infrastructure
- Trust and Brand Continuity: Recipients are far more likely to engage with a link that originates from a trusted corporate domain.
- Security Posture: Using a custom domain allows your IT department to monitor and govern signing traffic within your existing organizational perimeter.
- Email Deliverability: Custom domains are most effective when paired with SPF/DKIM integration, ensuring both the URL and the email origin are fully white-labeled.
Diagnostic and Resolution Protocols
| System Exception | Probable Cause | Resolution Protocol |
|---|---|---|
| DNS Verification Failed | Record typo or Propagation delay | Double-check the host and value in your DNS settings. Use a tool like dig or nslookup to verify the record is visible. |
| SSL Issuance Error | CAA Record restriction | If your domain has a CAA record, ensure it permits letsencrypt.org to issue certificates for your domain. |
| Link redirection error | Proxy configuration | Contact IUSign Enterprise Support if your custom domain is active but links are returning a 5xx error. |