Custom Domains for Articles

When you turn on your Articles Help Center, your content is available through intercom.help by default. Your URL will look like this: intercom.help/exampleapp

If you’d like to use a different URL, you can create one by setting up a custom domain. You can do so by:

1. Entering your custom domain in Articles
2. Creating a custom CNAME record
3. Choosing to configure SSL

📘

Note

To recognize logged-in Users on your Help Center and/or use audience targeting for Articles, your web app (where you have Intercom installed) and your Help Center must share a top level domain. E.g. If your domain is app.example.com, your custom Help Center domain must be something like help.example.com. This allows Intercom to identify your logged-in users when they visit your Help Center.


Enter your custom domain in Intercom Articles

Enter the custom domain you want to use in your Help Center settings in Articles. Let’s use ‘help.exampleapp.com’ as an example:

14931493

Create a custom CNAME record

  • Go to your DNS provider’s website (e.g. GoDaddy or Cloudflare). If you’re choosing one for the first time, go with one that supports SSL.
  • Create a CNAME (‘canonical name’) record for your custom domain.
  • Point it at Intercom’s host domain (This is based on your data hosting region, not where you are located geographically):
    • Intercom US: custom.intercom.help
    • Intercom Europe: custom.eu.intercom.help
    • Intercom Australia: custom.au.intercom.help

How to create a custom CNAME record with Cloudflare

These steps will vary, so check with your own DNS provider for support.
As an example, here’s how to set up a CNAME record with Cloudflare:

  1. Set up Cloudflare as the resolver for your custom CNAME by changing your domain nameserver to Cloudflare.
  2. Go to the ‘DNS’ section in Cloudflare and add a CNAME record for your Help Center custom domain. Give the CNAME a Name based on the first part of your custom domain e.g. if your custom domain is help-center.example.com, use help-center.
  3. Point it at the Intercom host domain:
    1. Intercom US: custom.intercom.help
    2. Intercom Europe: custom.eu.intercom.help
    3. Intercom Australia: custom.au.intercom.help

To enable the CNAME record, click on the Cloud icon under the Status so it turns orange.

16001600

Choose to configure SSL (optional)

After you set up a custom domain, your Help Center will be hosted on your domain, but on HTTP rather than HTTPS. Your Help Center will now appear as ‘not secure’ on web browsers like Chrome Here’s how to secure it.

SSL (or TLS), is the most widely used way to secure the connection between your server and your browser. It ensures the connection between the server and browser is encrypted and safe, and appears as HTTPS.

Here’s what an SSL-configured website (with HTTPS) typically looks like on the Chrome browser:

11681168

This is what it looks like if you’ve visited a website not secured by SSL (without HTTPS):

942942

There are two ways to set up SSL with Articles on your custom domain:

  • Use a flexible SSL (using a third party DNS provider like CloudFlare or AWS CloudFront)
  • Use your own SSL certificate (using a TLS Termination Proxy)

You can configure SSL for your custom domain to keep sensitive information encrypted. If you want to do this, make sure you’ve set up your CNAME with a DNS provider that supports SSL, like Cloudflare.

🚧

Important

DNS changes can sometimes take up to 72 hours to take effect, but are typically much faster.

How to configure SSL with Cloudflare

Add SSL support to your domain

Go to the ‘Crypto’ section and change SSL to ‘Flexible’ or ‘Full’.

10361036

🚧

Don’t choose ‘Full (Strict)’ as this will result in an invalid SSL certificate.

Create a page rule enforcing HTTPS

Go to ‘Page Rules’ and create a new page rule with the following settings, replacing help.exampleapp.com with your own custom domain.

784784

Disable Cloudflare page speed features

Go to ‘Speed’ and disable Rocket Loader and Mirage for your custom help center domain.

Both of these features result in Cloudflare attempting to add some javascript to your Help Center. This will break functionality on your Help Center due to security settings your Help Center has enabled.

👍

Ready to go!

Your custom domain should be fully secured and ready to go. Visitors to your Help Center will see the green lock icon in their browser to let them know the site is secure.

How to configure SSL with AWS

Create a CloudFront Distribution

  1. Sign in to the AWS Management Console and open the CloudFront console.
  2. Choose Create Distribution
  3. Update the 'Origin' settings. The origin domain will be custom.intercom.help and the protocol should be HTTPS only. Our servers support TLSv1.2.
644644
  1. Update the 'Default cache behavior' settings.
644644

❗️

Cookie Forwarding and Query String Forwarding

It is important that your Cloudfront distribution's behaviour is set up to forward all Headers, Cookies and Query Strings or else critical features of the Articles product (e.g. article search or private articles) will not work.

🚧

Cache Settings Changed

When setting up your Cloudfront distribution, you need to select "Use legacy cache settings", which will now show the options for:

  • Headers
  • Query strings
  • Cookies

These should be set to All

  1. Under 'Settings', add your custom domain, e.g. help.exampleapp.com as an Alternate domain name and upload your SSL certificate if you have one. You need a certificate that matches your domain. If you use a certificate that does not match your domain, then you will see the following error when navigating to the HTTPS version of your website: NET::ERR_CERT_COMMON_NAME_INVALID
643643

Create a CNAME record

  1. Copy your distribution domain name
  2. Navigate to your domain provider and create a new CNAME record
  3. For host/name input your subdomain (ex help)
  4. For value input your CloudFront distribution domain name
22342234

Using your own SSL certificate with Apache or Nginx

The SSL certificate used by your Help Center is a shared certificate signed by your DNS provider. It uses SNI (Server Name Indication) to secure your site.

If you wish to host your own security certificates, you can do so through a TLS termination proxy. You’ll need to edit the configuration file on your proxy webserver.

Note: If you created a CNAME record that points to custom.intercom.help, you'll need to delete this to host your own SSL certificate.

Here are the basic instructions to set up your own SSL using Apache and Nginx webservers:

# Prerequisites: mod_ssl, mod_proxy and mod_proxy_http should be enabled

# Step 1: Acquire an SSL certificate and private key (e.g. LetsEncrypt.org)
# Step 2: Set up Apache proxy settings, example below.
# Step 3: Set custom domain in Intercom Help Center settings
# Step 4: Make sure your custom domain's DNS record resolves to your Apache server

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName your-help-site.custom-domain.com # specify your custom domain here

        # Set SSL options for your own domain
        SSLEngine on
        SSLCertificateFile /path/to/your/fullchain.pem
        SSLCertificateKeyFile /path/to/your/privatekey.pem
  
        # Proxy SSL options
        SSLProxyEngine on
        SSLProxyVerifyDepth 10
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerName on

       # Set up the reverse proxy to Intercom
        ProxyPreserveHost On
        ProxyPass / https://custom.intercom.help/
        ProxyPassReverse / https://custom.intercom.help/
</VirtualHost>
</IfModule>
# Prerequisites: ngx_http_ssl_module and ngx_http_proxy_module should be enabled

# Step 1: set up normal server with HTTPS https://letsencrypt.org/
# Step 2: set up proxy settings as shown below 
# Step 3: set custom domain in Intercom Help Center settings
# Step 4: make sure your DNS record is configured to IP of your Nginx server

resolver 8.8.8.8; # use own DNS server if you have one
server {
  listen 443 ssl;
  server_name your-help-site.custom-domain.com; # replace this with your domain

  ssl_certificate /path/to/your/fullchain.pem;
  ssl_certificate_key /path/to/your/privatekey.pem;

  location / {
    # using "set" is important as IP addresses of Intercom servers 
    # changes dynamically. "set" enables nginx to follow dynamic IPs
    set $intercom "https://custom.intercom.help:443"; 
    proxy_set_header Host $host;
    proxy_pass $intercom;
  }
}

There are many ways to set up your own SSL certificate - we can’t guarantee that we can support every type of proxy setup. If you have specific needs, we can't support you in configuring it.

Note that you may also need to add redirect from HTTP protocol (port 80) to HTTPS as part of your server configuration.

While most modern browsers support SNI, a few older ones don’t. If you’re supporting those browsers, you should use your own SSL certificate instead. Check with your DNS provider to see if this option is available.


What’s Next

You should now read our guide on how to customize your Help Center. You can change colors, add a favicon and header image and more so it matches your brand.