Skip to main content
GroupsCustom Domains for Sandboxes
Group

Custom Domains for Sandboxes

Custom domains for sandboxes is a feature of Spring '21 that allows custom domains for Salesforce Sites and Salesforce Communities to get served by sandboxes. This allows development and testing of custom domains using sandboxes. The documentation for this feature exists in https://help.salesforce.com/articleView?id=sf.domain_mgmt_sandbox_custom_domains.htm&type=5
Thomas Richter (n/a)
Dec 2, 2020, 7:46 AM

Hi @Steven Lawrance

We are participating in the pilot with a customer, and I want to thank you for the great work.

 

We probably found a bug in session handling in a customer community (using B2B Commerce). We are only able to reproduce it when the custom domain is enabled for the community. 

Steps to reproduce it:

  1. login in to the community (either by using SSO using an OpenID Connect Auth Provider or Login As on contact) --> we are logged in, everything (also remote actions) work well
  2. export session cookie "sid"
  3. remove all cookies
  4. reload the page --> not logged in anymore
  5. import session cookie "sid"
  6. reload the page 
    • without custom domain: logged in again. everything working (also remote actions)
    • with custom domain: not logged in, remote actions throw error "Remoting request invalid for your session.  Refresh the page and re-submit request" - even a reload doesn't help to recover. Removing session cookie sid helps.

The same also happens if you only modify the session cookie instead of removing and importing it.

 

I am also not able to reproduce this behavior on production with a custom domain enabled.

 

As this is very technical to reproduce the behavior, it often happens with normal user behavior browsing the community. 

 

I hope you can help me.

 

Thanks.

 

Thomas

14 comments
  1. Steven Lawrance (Salesforce.com, inc.)
    Jun 23, 2021, 7:25 PM

    As an update regarding this, the "Cache public Visualforce pages" site-level option exists in Summer '21 within the site detail page and is documented in https://help.salesforce.com/articleView?id=sf.sites_caching.htm&type=5 . It can help by having cacheable Visualforce pages cache only within an end-user's web browser and not within infrastructure-level proxy servers and content delivery networks (CDNs). Turning off "Cache public Visualforce pages" in a site can help sites that are typically used by authenticated users instead of by unauthenticated users.

Write a comment...
0/9000
Matt Edwards (Technical Architect at Financial Services)
Jan 8, 2021, 10:16 PM

Hello, we've recently joined the pilot and have four sandboxes for which we'd like to set up custom domains. For the sake of simplicity we would typically use a single SAN certificate to reduce the number of certs that need to be ordered, installed and updated every few years.  When setting this up however, we receive an error message of the form:

 

Error: The domain name dev1-www.company.com wasn't in the supported set of domain names in the certificate: sandbox-www.company.com, www.sandbox-www.company.com.

 

We've set up a single SAN cert referencing the following domains:

CN: sandbox-www.company.com

DNS Names:

sandbox-www.company.com

dev1-www.company.com

itest1-www.company.com

uat-www.company.com

pfix-www.company.com

 

We did not read anything in the pilot documentation that indicated SAN certs weren't supported and thus didn't expect it to be an issue. Can anyone here confirm whether SAN certs will be supported and if so, whether there are any specific requirements around how a SAN certificate must be set up?

 

Each cert costs money to set up so we don't have a lot of room for trial-and-error here.

 

Any help is much appreciated.

3 comments
  1. Steven Lawrance (Salesforce.com, inc.)
    Jun 23, 2021, 7:21 PM

    Unfortunately, the Salesforce Sales, Service, and Communities Cloud doesn't yet have way to specify a subject alternative name (SAN) list within the user interface when creating a new certificate. A possible option is to create the certificate signing request (CSR) outside of Salesforce, get it signed, put the signed certificate chain and the private key into a Java Keystore (JKS) file, and then import it into the org. General documentation for creating the JKS file exists in https://help.salesforce.com/articleView?id=000339841&type=1&mode=1 .

Write a comment...
0/9000
Steven Lawrance (Principal Architect at Salesforce.com, inc.)
Feb 15, 2021, 10:02 PM

With the Spring '21 release, this feature is planned to become generally available.

 

At present, however, there is a bug in Spring '21 that wasn't noticed earlier that prevents sandbox activations and domain operations from working properly when this pilot is enabled in a production org that has more than 15 sandboxes. This is being fixed, and the plan is to fix this issue this week.

 

If your production org in this pilot has more than 15 sandboxes and you're creating or refreshing a sandbox within the next several days, Salesforce Support may need to turn off the pilot in your production org until after the bug is fixed. Similarly, if you're adding, editing, or removing a custom domain in a production org with more than 15 sandboxes, the pilot needs to be turned off within your production org to have those domain management operations proceed.

 

After the bug is fixed, Salesforce plans to enable this feature generally to all orgs that are not in the Salesforce Government Cloud, Salesforce Public Cloud, or Hyperforce.

7 comments
  1. Steven Lawrance (Salesforce.com, inc.)
    Mar 2, 2021, 7:00 PM
    As a slightly-belated update, NA76 and NA132 both have the fix and can use sandbox custom domains, which completes the general enablement of this feature in production.
Write a comment...
0/9000
Sai Kalikota (Developer at Dolby)
Jan 4, 2021, 10:01 PM

Hi @Steven Lawrance ,

We have a community in our org and we are trying to use a custom domain for that particular community alone. Last time we tried this using the steps mentioned in the https://help.salesforce.com/articleView?id=000336819&type=1&mode=1

However, we have ran into issues like

  1. Logo Disappeared
  2. Incorrect Font
  3. Color of the footers changed
  4. Self register was not working

So had to revert the changes.

 

We did research and but haven't found any solutions/workarounds as such. Raised a case with Salesforce but didnt get any pointers. I am not sure if this is the right channel but can you help us in this?

2 comments
Write a comment...
0/9000
kokkiripalli vaishnavi (Software Application Engineer at Workday)
Jan 7, 2021, 9:42 AM

Hi Team,

 

One of the users @Raj Sookrah is making use of the pilot program"Set Up Your Sandbox Custom Domain (Pilot)" as documented in : https://help.salesforce.com/articleView?id=domain_mgmt_sandbox_custom_domains_setup.htm&type=5

As per the doc, it says that we need to setup the custom domain in production and then in 'Select sandbox in the Associated Org field.'

 

However, they are trying to setup custom domain directly in sandbox, by following below:

Firstly created an SSL certificate. Then created the domain and attached the certificate with the domain creation. 

Next added a custom URL for the site, lastly created the DNS.

The domain looks like: https://abc.sandbox.xyz.com and created a CNAME that points to abc.sandbox.xyz.com.00Dxxxxxxxxxx.live.siteforce.com 

Under custom URL: the status for the domain: abc.sandbox.xyz.com  is being displayed as Published. However, the redirection is not happening and the domain page does not load.

~~~~~~~~~~~

Could you please help to confirm if the above steps followed are correct or not.

If not, please help to share the exact steps to be followed to complete the custom domain setup in sandbox before moving forward for production.

 

Also, they are making use of domain in the format: abc.sandbox.xyz.com  - please confirm if this is a right format for domain or not.

 

Many Thanks

2 comments
Write a comment...
0/9000
Santhanasurya Athmalingam (Salesforce Developer at Cognizant Technology Solutions)
Dec 3, 2020, 5:02 PM

Hi @Steven Lawrance 

 

We want to participate Custom domains for sandboxes pilot feature and activate them in our sandboxes. While we are still in progress of implementing custom domain for the same in our Production org.

 

So, can we implement custom domain on sandboxes through this pilot feature before/simultaneously we actually doing the custom domain in PROD. If so can you please let me know if we are eligible for the feature and the process to activate the pilot feature for our sandboxes.

 

Thanks,

Surya

6 comments
Write a comment...
0/9000
Marcus d'Assumpcao (Salesforce)
Dec 7, 2020, 4:31 AM

Hi @Steven Lawrance I have a partner that is unable to add a sandbox to a new custom domain as a part of the pilot feature. They have logged a Premier support case and it has been referred to me as their Account Executive for approval. Are you able to advise what the process is from here?

1 comment
Write a comment...
0/9000
Jitendra Tekwani (Cisco Meraki)
Dec 4, 2020, 10:17 PM

Hi,

We have setup a custom domain for our partner community in our full copy sandboxes and was working fine. But after sandbox refresh today i am not able login to community using custom domain. Whenever I am trying my custom domain it takes me to salesforce login page.Does anyone else have faced this issue before?

2 comments
Write a comment...
0/9000
Pablo Rodriguez (Account Director at SALESFORCE)
Dec 1, 2020, 3:04 PM

Hi @Steven Lawrance 

 

I would like to participate in the Custom Domains for Sandboxes Pilot program.

I have a customer with a particular software requirement that requiere to change the domain in their sandbox environment. 

 

I'm Account Executive in Salesforce (Enterprise).

 

Regards,

Pablo.-

1 comment
Write a comment...
0/9000
Benedict Sabater (Lead Engineer at Bluebeam)
Sep 17, 2020, 7:20 PM

Hi @Steven Lawrance 

 

We would appreciate your thoughts on the behavior we’ve noticed setting up custom domains.

 

In our production instance, we were able to create the two domains below.  Both are configured using  ‘No HTTPs’ since we don’t have certificates for them.

    -  shop.bluebeam.co.uk

    -  testshop.bluebeam.co.uk

 

We created DNS entries for both domains and pointing to our Salesforce production instance:

   -  shop.bluebeam.co.uk.00****************.live.siteforce.com

   -  testshop.bluebeam.co.uk.00****************.live.siteforce.com

 

In our sandbox,  we created two custom URLs (using the two mentioned above) pointing to the same community.  When we use shop.bluebeam.co.uk,  the page redirects to our sandbox  https://b2bpilot-*******.****.force.com/ourhomestore

 

Questions:

a) After the page is redirected,  it displayed the sandbox URL.  We were expecting the page URL to be https://shop.bluebeam.co.uk/ourhomestore.  

 

b) For our communities SSO, we have an Auth Provider setup.  In the same sandbox, we noticed that the Auth Provider URLs under the community section were not updated to reflect the custom URLs we created.   If we have multiple custom URLs pointing to the same community,  what will be the URL used in the Auth Provider —> Community?

 

Thanks!

10 comments
  1. Steven Lawrance (Salesforce.com, inc.)
    Nov 19, 2020, 5:55 AM
    @Dylan Carlson As an update, the "Salesforce serves the domain over HTTPS using a Salesforce content delivery network (CDN) partner and a shared HTTPS certificate" HTTPS option for sandbox custom domains unfortunately is delayed to Summer '21 (safe harbor statement applies) instead of Spring '21.
Write a comment...
0/9000