Sugar, Spice, and Custom Subdomains

Short answer: it depends on your site. A custom subdomain is the only way to hide the .foxycart.com in your customers' address bar. This might be desirable for your store, and might seem more “professional” if you have technically proficient customers. In our experience, stores at yourstore.foxycart.com convert just as well as checkout.yourstore.com, but we leave it to you to make the choice that's best for your business.

By default, your store's FoxyCart functionality lives at example.foxycart.com, where example is the subdomain you've chosen for your store. The custom subdomain add-on allows your store to live at secure.example.com, checkout.example.com, payments.example.com, or any other name to the left of .example.com you'd like (again, where example.com is your own domain). Some merchants like this, because it gives them a fully-branded checkout experience: everything from the template to the address bar. Other merchants are happy parking their store at .foxycart.com.

There are a few reasons to take this approach:

• A custom subdomain presents the customer with the most seamless checkout flow available. While it does not provide any template customization functionality not otherwise available, it does remove the last trace of the FoxyCart name from your store's checkout flow.
• A custom subdomain will have a SSL certificate with your store's information. While very few customers will actually examine this, for those that do it's a nice touch.
• Custom subdomains allow for additional SSL options. (See below for details.)
• A custom subdomain can work around 3rd party cookie restrictions, which may make analytics or affiliate tracking much easier to accomplish.

To order a custom subdomain:

1. Log into the FoxyCart Admin.
2. Click “Settings” under the “STORE” heading at the top.
3. Check the box next to “use custom SSL”.
4. Click the red “purchase an SSL certificate” that appears in the help text below.
5. Complete the order form and checkout to pay for the add-on.
6. Our helpdesk will reply within 1–2 business days to confirm your order.

Do not change your custom subdomain setting until you have received a green light from FoxyCart and set up your DNS entry (see below). Changing that setting can and will break your add-to-cart and checkout links, as well as your Javascript and CSS includes.

This is the simplest option, it just requires that you approve the certificate and set up a DNS entry on your end. We will order a “30-day Trial” certificate through DigiCert.

Once we receive your approval for the trial certificate, we can update our server-side certificates.

You will need to be able to receive email at one of these addresses:

• admin@your-store-domain.com
• administrator@your-store-domain.com
• webmaster@your-store-domain.com
• hostmaster@your-store-domain.com
• postmaster@your-store-domain.com

OR any address listed on your WHOIS record. (Use this link to look up that information: WHOIS)

For example, if you want your FoxyCart store at secure.example.com, then you must be able to receive email at admin@example.com, or administrator@example.com, etc., or any email found on your WHOIS record.

We're constrained to these “generic” email addresses for certificate approval. All of those email addresses will be sent an approval message when we've ordered the “Trial” certificate, but you only need to respond once.

Once you've placed your order, you'll receive a notice from the Helpdesk and we'll walk you through the above steps. It can take as little as 4 minutes to complete!

The standard SSL certificates are quick and easy, but are not Extended Validation (EV) SSL Certificates. EV certificates turn the address bar green in your browser, which may be something desirable for your store.

If you'd like an EV SSL Certificate, or you'd like to provide your own certificate for any reason, you can. In order to meet our strict security policy, FoxyCart must generate and store the private key. After we get your order, we'll send you a Certificate Signing Request (CSR). Send us the signed certificate you get from your certificate vendor, and we'll install it on our servers.

Also important to note is that this method does cost more than the standard certificate, and you have to purchase your own cert. We charge more for this option because there is often considerable time spent in getting things set up, the process isn't automated like our standard SSL ordering and provisioning process, and we may need to take additional steps like adding root certs to all of our application servers.

To get started with an EV or other customer-provided certificate, place an SSL order through the FoxyCart dashboard (see instructions above), and choose Customer Provided as the SSL certificate type. We will contact you directly with the Certificate Signing Request you'll need to order an EV certificate from the vendor of your choice.

We no longer resell wildcard certificates. You will need to use the “customer provided” option, as with an EV cert, and order the certificate yourself. We use DigiCert* extensively for our own certificate needs.

In order to use your custom subdomain you'll need to do a quick addition to your domain's DNS. This generally will only take a minute if you're comfortable with DNS. If you're not comfortable with your domain's DNS, or if you don't even know what DNS is, your hosting provider or domain registrar can likely handle this for you.

1. First, decide what domain you'd like, here are some ideas:
   1. secure.example.com
   2. checkout.example.com
   3. cart.example.com
   4. checkout.example.com
   5. store.example.com
   6. ???.example.com — anything you'd like. Find what works best for you!
2. Next add a CNAME record for that subdomain, let's say cart.puppydogs.com, pointing to secure.foxycart.com Update March 2014: The DNS entry to use is now secure2.foxycart.com.
3. To check this, use your Terminal (Mac or Linux users), or use kloth.net. Enter your domain (cart.puppydogs.com) and you should see secure.foxycart.com. (again, note the trailing period) in the ANSWER SECTION.
4. Keep in mind that you may have to contact your host directly to set up a CNAME. (Again, this is not a “redirect”).

Also important to note is that you will get a certificate warning if you do this before you have received confirmation from FoxyCart that your SSL certificate has been fully configured and provisioned. You are encouraged to set up your CNAME when you place your order, but it will not work until it's been approved by you and set up on our systems.

Yes, you can get a certificate for cheaper, but SSL Certificates require the overhead of setup, renewals, as well as dedicated IPs. Further pieces that are hard costs for us (in addition to the cert itself and the dedicated IP address) are additional firewall configuration; web application firewall configuration and setup with the SSL certificate (so the WAF can decrypt the traffic); DNS queries; load balancing; DNS failover; monitoring; and security scans.

For this reason, we do allow you to provide your own certificate, but we charge more for this option, because it's much more labor intensive for us to set up and facilitate renewals. The actual cost of the certificate is not the main cost for our custom certs.

* DigiCert requires we tell you this:

We are an Authorized DigiCert™ SSL Partner.

That doesn't mean we're getting paid to advertise them, though, we just like them a lot and think you'll like them too.