Custom Hostnames
How to link custom hostnames to your WEM Portals
At some point you might want to use a hostname that is part of your own domain to be linked to your WEM-portal.
Something like https://portal.yourdomain.ext
For this to work, you need to understand a bit about DNS and Hostnames, and most importantly the CNAME DNS record.
CNAME DNS Records
To let people access your WEM Portal by using your hostname, the Internet's DNS system needs to know where to go when the hostname is entered in a browser - and that is done by linking the hostname via a CNAME record to the location of the WEM Runtime Zone where your portal is running.
The CNAME Target values are the hostnames by which the WEM Runtime Zones are known and can be reached for internet traffic; once the WEM Runtime Zone is reached, the WEM Runtime Services will recognize your actual hostname in the request and the corresponding portal will be presented to the user.
Below are the standard steps for portals running in the Live Eur Zone:
Create a CNAME record for the hostname in your domain's DNS management (or let your DNS management people do this for you).
Point the CNAME to live.wem.io. when your portal is in the WEM EUR Runtime. Check below for other runtime zone values.
Add the hostname to your portal settings and publish from Modeler to Staging and Live (publish is a linear chain) preferably WITHOUT forcing https (there is no certificate yet - which may show security errors when accessing the hostname on https).
For an SSL Certificate, make a specific request in MyWEM Support (read on for more details). When the SSL certificate is available, you can activate the option Force HTTPS and publish this change from modeler to staging and live.
You can have multiple hostnames added to your portal, but they all MUST target the same Zone as indicated in the Hosting Zone setting of the portal.
So you can use and keep using the standard provided hostname that automatically uses the correct zone-related endpoint and add your own hostname as additional option to use when all settings (CNAME record and SSL certificate) are in place.
For CNAME records in your domain's DNS management, use:
Runtime Zone | CNAME target |
EUR Live | live.wem.io |
EUR Staging | staging.wem.io |
APAC Live | live.wemapac.io |
APAC Staging | <not supported> |
Kubernetes (Private) Cloud* | check with DevOps or WEM Support for the correct hostname |
A DNS-change like this may take up to 24 hours to be distributed along all DNS servers around the internet. You can check your hostname using Google's DIG: https://toolbox.googleapps.com/apps/dig/ - if it shows the correct value, you can assume the hostname is available to all (or at least most) users.
Use/Force HTTPS
To have SSL available (and forced) for your custom hostname, WEM offers the service for free Let's Encrypt certificates. On WEM Kubernetes (Private) Clouds this is automatically handled. For the current EUR and APAC Zones, there is a manual initialization necessary.
If you want to have SSL enabled on your custom domain on the EUR or APAC zone, you need to create a Support Ticket in MyWEM, by using the specific button [Request SSL Certificate], specifying the hostname for which the certificate should be made. The CNAME Record MUST already be available for this to work, because there is an automatic check using Googles DIG online tool in the WEM Request SSL Certificate process.
WEM Kubernetes (Private) Clouds
Obviously we cannot provide the CNAME Target values for the WEM Kubernetes Private Clouds in this public documentation. For any specific WEM Kubernetes environment, the correct CNAME target value can be obtained via authorized DevOps or WEM Support.
For portals running in a Kubernetes (Private) Cloud, some details may be different:
The hostname may not be publicly available if the environment uses private DNS, in which case the check using Google DIG is not possible;
The Publish DevOps Settings may be turned off in the Modeler Settings, in which case the hostname and https management must be done in the WEM DevOps Portal (and then there is no need to publish the changes for hostnames and https).
Last updated
