Friday, December 8, 2023

Managing SSL and Domains in AEM as a Cloud Service

 This post will discuss handling SSL and domains when using AEM as a Cloud Service. This is for you if you’ve been wondering about keeping things secure and running smoothly on the cloud. Let’s dive into some easy tips and tricks.

AEM as a Cloud service allows you to manage SSL and domains through a cloud manager.

SSL Management:

As a first step, begin by uploading your SSL certificates to Cloud Manager. refer to SSL Certificate Management Basics — Developers | by Albin Issac | Tech Learnings | Medium for understanding the details of SSL management. At any given time, Cloud Manager will allow a maximum of 50 SSL certificates to be installed. These can be associated with one or more environments across your program and also include any expired certificates. However, some prerequisites exist for the SSL certificates: Domain Validated (DV) or self-signed certificates are not supported. The SSL certificate files must be in PEM format to be installed with Cloud Manager, and the Private Key should be in pkcs8 unencrypted format. For more details on managing SSL certificates in AEM as a Cloud, refer to the guide Introduction to Managing SSL Certificates | Adobe Experience Manager on the Adobe Experience Manager website.

AEM as a Cloud Service supports single domain, SAN, and wildcard certificates via the Cloud Manager.

You can go to cloud manager environments → SSL Certificates →Add SSL Certificates.

Enter a name for the SSL certificate and copy its content. Copy the content of the SSL certificate, you will receive the certificate file from the Certificate Authority (e.g., DigiCert) by following the certificate generation process. Ensure the file is in .pem format; if it’s not, you’ll need to convert it to .pem.


Copy the content of the private key, ensuring that it is in the non-encrypted pkcs8 format. If your key is in another format, such as OpenSSL, it can be converted to pkcs8. I usually use Key Explorer for this purpose, although OpenSSL can also be used to convert to different formats. These tools provide a quick way to change key formats.

Make sure that the key is not encrypted.

In addition to the actual certificate, you will receive certificate chains from the Certificate Authority (CA), which typically include two types of chain certificates: the Intermediate certificate and the Root certificate. You should arrange the Intermediate and Root certificate contents in the correct order and copy the combined content into the certificate chain field.

Intermediate Certificate

Root certificate

If the private key is uploaded in a format other than pkcs8, you will encounter an error stating, ‘Private key does not match the certificate.

Once the certificate is successfully uploaded, it becomes available for association with a domain and environment. The SSL certificate can also be updated or deleted as needed.

DNS Management:

Now, you have the ability to add a new custom domain, associate it with an SSL certificate, and assign it to a specific environment. For more detailed information on DNS management in AEM as a Cloud service, please refer to ‘ Adding a Custom Domain Name | Adobe Experience Manager’ in the Adobe Experience Manager documentation. Additionally, for a fundamental understanding of DNS management, consult ‘DNS Management Basics for Web Developers | by Albin Issac | Tech Learnings | Medium.

There are certain limitations when managing custom domains in Cloud Manager. Each environment can support a maximum of 500 custom domains. Custom domain names are accommodated in Cloud Manager for both ‘publish’ and ‘preview’ services in Sites programs, but they are not supported for author services. To add a custom domain name in Cloud Manager, a user must hold either the Business Owner or Deployment Manager role. Additionally, you must be utilizing the out-of-the-box (OOTB) Fastly CDN.

Cloud Manager → Environments → Domains →Add Domain

Enter the fully qualified domain name, such as a test domain (e.g., or a live site (e.g., Then, select the environment where this domain will be active, based on your configuration (e.g., dev, uat, stage, prod). Next, choose the service with which you want to associate the domain, either ‘publish’ or ‘preview’. Finally, select the SSL certificate associated with this domain (only those SSL certificates linked to the specified domain will be listed).

Now, you will receive a TXT record that needs to be configured in your Domain Manager to verify domain ownership.

Now, add the TXT record to your domain using your DNS management system, such as CSC Global, GoDaddy, etc.

Wait for the changes to propagate, which may take some time. You can verify this through online tools or command-line utilities like ‘dig’.

Click ‘Create.’ The TXT record will then be validated. You can also choose to create it first and validate it later, once the changes have propagated, by clicking ‘Verify’ again.

Once the domain is successfully validated, a green checkmark will appear.

Now, return to your Domain Manager and create a CNAME record for your custom subdomain (e.g., that points to Alternatively, you can add an A-Record instead of a CNAME if you are using a root (APEX) domain. For more details, refer to the ‘Configuring DNS Settings | Adobe Experience Manager’ section in Adobe Experience Manager documentation.

Wait for the changes to take effect. You can verify this through the same online tools or command-line utilities,

Now, click ‘Resolve’ again to configure the domain’s CNAME resolution.

Once resolved, you will see a ‘Resolved Correctly’ message, indicating that the domain is now ready for use.

Enable the necessary Dispatcher configurations to direct the domain to a specific content path.

AEM as a Cloud offers a self-service capability for managing SSL and DNS configurations through Cloud Manager, greatly simplifying the process of handling SSL certificates and DNS settings. It’s important to configure your domain well in advance, as the entire process, including domain validation and resolving through your DNS manager, can take a reasonable amount of time.

As an additional note, I recommend creating a common test domain to manage test domains across different environments. For instance, using allows you to create various subdomains for different environments, such as,,, etc.

Now, create a wildcard certificate that supports * and upload this certificate to Cloud Manager. It can be used to configure all the test domains across various environments. Additionally, create a SAN (Subject Alternative Name) certificate to support all your live domains.

Monday, October 2, 2023

Exploring Atomic, Modular, and Headless Content Paradigms

 How we structure, manage, and deliver content continuously changes in today’s fast-evolving digital landscape. As businesses strive to provide seamless user experiences across various platforms and devices, the methodologies behind content creation and delivery become crucial. Enter the paradigms of atomic, modular, and headless content. While they might sound like buzzwords to the uninitiated, these concepts represent the forefront of modern web development and content management strategies. In this post, let us deep dive into Atomic, Modular, and Headless Content Paradigms.

Atomic content, drawing inspiration from the world of atoms — nature’s fundamental building blocks — emphasizes creating content in its smallest, indivisible units. This approach ensures content is versatile, platform-agnostic, and ready to be served whenever and wherever needed.

Modular content takes a slightly broader perspective. Imagine constructing a building with LEGO blocks; each module or block is self-contained but forms a cohesive whole when combined. This modular methodology streamlines content creation promotes consistency, and provides flexibility in tailoring content for varying needs. Content modularization is the process of creating small blocks of content that will be pre-approved, stored, and repurposed across channels.

Meanwhile, the headless approach revolutionizes how we think about content storage and delivery. Stripping away the traditional coupling of content and presentation, a headless system serves content through APIs, making it a breeze to deliver across websites, mobile apps, IoT devices, and more.

Atomic, Modular, and Headless Content Approaches

The modular content is organized in the below levels.

  • Content Blocks: These are standalone, pre-approved items (like files) that can be used in content pieces or campaigns. They might be single items, like a picture or a piece of writing. Or, they could be small combinations of different items, like a picture with text.
  • Content Sets: This is when you take multiple content blocks and group them into larger, well-matched sets. You can use these sets on their own or mix them across different platforms. This helps ensure the brand feels consistent everywhere without repeating the same content.
  • Content Experiences: This is how people experience the content sets in real life — whether on websites, social media, kiosks, etc. Though the content may vary across platforms, it should still feel connected and offer a consistent experience for the user.

Atomic/Modular content is content reuse, stemming from a need to deliver content on multiple devices and screens and in variations for different audiences based on location. Previously, without modular content capabilities, publishers typically focused on creating content for one medium or audience at a time.

Modular content helps simplify this complex challenge by providing finite control over where and how content appears. Think of modular content like building blocks. The way modular content is defined varies by business use case and need. Depending on your business needs, the smallest block could equate to a single sentence or a single module on a page; for example, stack several small sentences “blocks” together, and you’ve created an article that can be displayed on a website.

The idea of content as blocks that can be reused, mixed, and matched is beneficial when you’re going omnichannel. With this approach, marketers don’t need to create new content. Instead, they have an inventory of previously created content (perhaps originally for another channel campaign or region) that they can then reuse. Having such reusable content enables higher quality and greater consistency in content creation.

Some of the benefits of Atomic/Modular Content:

  • Faster Time-to-Market: It’s quicker to assemble and deploy content when needed.
  • Personalization: Modular content can be combined in different ways to cater to specific audience segments, allowing for more personalized user experiences.
  • Reusability: Once created, content components can be reused across different channels, mediums, or platforms without needing to recreate or copy them.
  • Consistency: With atomic content, there’s a higher likelihood of maintaining a consistent tone, style, and message across all platforms because you’re using the same modular pieces.
  • Easier Updates: When an update is needed, you can modify the base component, which will reflect across all instances where it’s used, ensuring up-to-date content.
  • Cost-Effective: In the long run, reusing content components can lead to cost savings as teams spend less time creating and more time optimizing.
  • Scalability: As your content needs grow, it’s easier to scale with a modular approach than to keep creating new content from scratch.
  • Future-Proofing: As new channels or technologies emerge, atomic content can be easily adapted or repurposed to fit, ensuring longevity and relevance.
  • Reduces duplication: Atomic/Modular content approaches help to reduce the duplicated content.

When to Consider Atomic/Modular Content:

The Atomic/Modular content approaches may only fit some of the use cases and scenarios; sometimes, the traditional content may work well compared to Atomic/Modular content. Before opting for an atomic/modular content approach, ensure you understand the content’s purpose, whether channel-specific, short-term news/articles or something else.

  • Multi-Channel Distribution: If your content is distributed across various platforms (e.g., websites, mobile apps, social media, print), atomic content allows for seamless adaptation and consistency across channels.
  • Frequent Updates: For content that requires regular updating, it’s more efficient to change a single module than to find and edit every instance of a content piece.
  • Scalability Needs: If you anticipate scaling your content in volume or across new platforms, atomic content can simplify the scaling process.
  • Personalization Goals: Atomic content is ideal for organizations aiming for deep personalization, allowing them to mix and match content pieces for different audience segments.
  • Content Reuse: If similar content pieces are used in different places or for various purposes, atomic content can reduce redundancy.
  • Future-proofing: When preparing for emerging technologies or platforms, modular content can ensure that you’re ready to adapt.

In some cases, the Atomic/Modular Content may not fit well.

  • Narrative or Linear Content: For content with a strong linear narrative (like a novel or a long-form journalistic article), breaking it down into atomic pieces might disrupt the flow.
  • Limited Scope: The effort to go atomic might outweigh the benefits if your content is only meant for a single channel and doesn’t require frequent updates or repurposing.
  • Overhead and Complexity: Implementing a modular content strategy might require changes in content creation processes, training, and possibly even the CMS. The initial investment in time, effort, and possibly money can be substantial.
  • Loss of Context: Content pieces risk losing their context when they’re separated from the whole. Care must be taken to ensure that standalone pieces make sense in isolation.
  • Short-Term Projects: For projects with a short lifespan where content won’t be repurposed or redistributed, atomic content might be overkill.

From my perspective, it’s crucial to identify which content is suitable for the atomic/modular content approach before adopting this strategy. Reorganizing existing content to fit the atomic/modular framework can sometimes be labor-intensive and costly. In such cases, it might be more practical to adopt the atomic/modular approach solely for new content while exploring alternative methods to manage and share the existing content.

The headless or hybrid CMS systems utilize Content APIs to distribute atomic/modular content across various channels. This content is managed within a centralized repository, ensuring seamless sharing across diverse channels and systems. While many CMS systems facilitate content or page sharing through APIs, the crucial consideration is not just adopting a headless system. Instead, embracing a content management strategy(process) that aligns with the headless approach is essential, emphasizing atomic/modular content.

Atomic, modular, and headless content concepts are interconnected and frequently employed in contemporary content management. Atomic and modular content strategies emphasize the organization, structure, and reusability of content, ensuring it’s crafted in a manner that’s both platform-agnostic and scalable. On the other hand, headless content underlines the decoupling of content from its presentation, facilitating the delivery of atomically structured and modular content to any platform or device through APIs.

Every CMS system follows different approaches to managing and sharing Atomic/Modular content. Let’s take a high-level look at how Atomic/Modular content is managed and shared in Adobe Experience Manager (AEM), a hybrid CMS system.

AEM is fundamentally structured around components, which act as the primary units of content. These components can encompass a variety of elements, including text, images, videos, and buttons. Users can craft, modify, and reuse these components across different parts of a website or even span multiple websites. These individual components can then be amalgamated to create page templates, exemplifying the modular content strategy. One notable feature of AEM is its inherent content services, which facilitate content retrieval in a JSON format. This capability shares the content without the entire HTML as a JSON format to mobile apps, single pages, and other platforms. Refers to AEM Experience Manager(AEM): Content Sharing Approaches | by Albin Issac | Tech Learnings | Medium to understand different content sharing options, including Content as a Service API’s

Further enhancing AEM’s offering is the introduction of Content Fragments. This feature paves the way for creating structured content indifferent to the channel it’s presented on. Tailored at both Atomic and Modular tiers, relationships between Content Fragments can be orchestrated, allowing Modular content’s formation in diverse contexts. Equipped to handle variations specific to different channels, Content Fragments also play a pivotal role in localizing content. Such structured content can be used within AEM pages or Experience Fragments. These Content Fragments can also be shared as Headless content through GraphQL endpoints to various channels. For a deeper dive into sharing Content Fragments via GraphQL API in AEM, How to deliver headless content through GraphQL API and Content Fragments? | AEM(Adobe Experience Manager) | by Albin Issac | Tech Learnings | Medium.

Experience Fragments (XF) in AEM deserve a special mention. Crafted to facilitate the creation and distribution of channel-agnostic content, XFs are aggregations of one or multiple components, coupled with their layout, all fine-tuned for reuse. They align with the modular content strategy, allowing content creators to curate adaptable content detached from any specific page or template. This design inherently fast-tracks content updates, with changes to an XF instantaneously reflecting wherever deployed. AEM supports XF variations, enabling customization tailored to specific scenarios or channels. While XFs are effortlessly integrated into AEM pages, they can be combined with AEM’s Content Services to share with external systems/channels as JSON or HTML formats. This ensures that content can be consumed across various channels, apps, or platforms in a headless mode.

In AEM, the Digital Asset Management (DAM) aligns with the Atomic/Modular approach, efficiently managing various assets such as images, videos, and documents. Metadata tagging within the DAM ensures assets are systematically organized and swiftly retrievable, streamlining content creation. Beyond in-platform usage, these assets can be seamlessly shared outside of AEM. Importantly, when assets are integrated into content fragments or disseminated externally, AEM ensures that the latest approved version is used, guaranteeing brand consistency and accuracy across all channels.

In conclusion, while the Atomic/Modular and headless content strategies are indispensable in today’s rapidly changing digital environment, assessing business challenges and needs is essential before committing to an approach. Not all scenarios may benefit from these strategies. It’s prudent to pinpoint content that’s ripe for this strategy and initiate it there. Additionally, retrofitting existing content to align with an Atomic/Modular approach might demand significant resources. Therefore, adopting this strategy primarily for new content creation often proves more logical.