Migrating from Legacy to Secured Domains - RENEWING SSL CERTIFICATES

Version 7

    What’s Changing:

    Due to the increasing need for companies to protect their data and mitigate against online security threats, Marketo has updated how we manage SSL certificates and the security of our customers' Landing Pages. Recent studies* have shown that ~45% of organizations are attacked, typically lasting a few hours, and could cost a company not only lost revenue, but also customer data and overall trust. Simply put, an SSL certificate just isn't enough anymore.


    In the past, the responsibility of procuring, maintaining validity, and renewing SSL certificates lie with the customer – Marketo just hosted it. This manual and often unreliable process has been replaced with a much more robust "Secured Domains" for Landing Pages and/or Tracking Links managed service, which naturally covers the necessary SSL certificates, but more importantly provides security protection thanks to our partnership with CloudFlare, an industry leader in secure solutions.

    How is the new "Secured Domains" better?

    In contrast to our previous solution, Secured Domains product is less focused on the certificate itself, and rather the security and performance benefits of the upgrade to our CloudFlare-backed servers that host Marketo Landing Pages. With this, we're able to leverage CloudFlare's enterprise-grade tools to protect against security vulnerabilities and attacks on your Marketo pages, including:

    • Managed WAF – keeps your pages secure by filtering/deflecting malicious attacks
    • DDoS Protection – reliability that your pages will remain live by absorbing attacks and preventing the page (and Marketo's infrastructure) from crashing
    • CDN – a load balancer to distribute page views based on geolocation, which allows landing pages to load quicker


    Regarding the SSL certificates themselves, Secured Domains shifts the ownership onto Marketo, which eliminates the need for Marketing & IT to hassle with them ever again, and no worry of the certificates expiring or downtime since they're now renewed automatically, so your landing pages will never crash due to an expired certificate. The certificates are provisioned by CloudFlare at an Enterprise-level offering. For more information, please see our Overview & FAQ: Secured Domains for Landing Pages.

    Action Required:

    Please contact your Marketo Customer Success Manager to add the the Secured Domains product to your subscription. If you are not sure how to get in touch with your Customer Success Manager, please send an email to customercare@marketo.com.



    Once you’ve purchased Secured Domains for Landing Pages for your instance, you will be sent an automated email asking you to provide the Munchkin ID for the instance you wish to have covered by SSL. YOU MUST REPLY to this to alert our Support team to complete the configuration and provisioning of your certificate(s). Once we receive your Munchkin ID confirmation, the turnaround time to provision the certificate is 3 business days. Please plan accordingly to ensure we have enough time to provision the new certificate before your old one expires.


    For help locating your Munchkin ID, see here: How to Find Your Munchkin ID for a Marketo Instance


    Do I have to upgrade?

    An upgrade is required. Due to the aforementioned security and risk mitigation enhancements we've made to protect our servers, we no longer allow for the basic SSL certificate upload of past. You are not required to use the included CloudFlare certificate, but in order to host any certificate on a Marketo Landing Page, you'll need Secured Domains added to your instance. This is currently not a baked-in cost as it allows for our customers who host their own landing pages to opt-out.