We have been using Marketo on our non-secured website.
We have Marketo forms embedded directly into our Wordpress pages and we also of course have the Munchkin tracking code implemented on our pages.
We want to install an SSL certificate on our server and start encrypting traffic between our website and others.
What do we need to consider, which settings would need to be modified, any caveats?
There is documentation on moving to HTTPS for your marketo linked cnames.
Simply do a search for SSL/HTTPS here.
I found the following before posting my question: FAQ - SSL Landing Pages and Tracking Links
It is not helpful however as it refers to Marketo landing pages.
My question was about the impact and experiences on Forms 2.0 embedded landing pages and Munchkin tracking code implications.
What is a Forms 2.0 embedded landing page? Do you mean a Forms 2.0 which is embedded onto a landing page?
This is my thought. You don't have to do anything as the embed code does not contain any reference to http nor https. Similarly for Munchkin as well.
The easiest way to understand this is to view your embed code and munchkin script. The forms 2.0 embed codes references //someserver.marketo.com/js/forms2/js/forms2.min.js which is already HTTP/HTTPS and it uses your munchkin ID to reference your specific instance thereafter. Same with munchkin which references //munchkin.marketo.net/munchkin.js which is already also HTTP/HTTPS and uses your munchkin ID to reference your specific instance thereafter.
If you have changed any of this default behavior, it becomes custom.
Yes, you should be fine if just your main website is HTTPS. double check the js urls though.
To answer your question yes I mean Forms 2.0 form, embedded into an external landing page (i.e. landing pages that are not hosted on Marketo but on our own website server).
The JS URLs appear to be protocol agnostic at the moment and relative. So I believe that should not be a problem but will test.
Thank you for the feedback so far.
There actually is one important detail here that may not apply to your current setup -- as Jim and Josh noted, as long as you are using the default protocol-relative URLs, you'll be fine -- but will create a problem in the most resilient embedded form configuration.
That most resilient config is when you load your forms from an LP domain to make sure they are not blocked by browser anti-tracking plugins/features. If you search the Community, you'll see that from time to time tracking blacklists will block connections to *.marketo.com (even though forms are not trackers, they are collateral damage). The recommended method to avoid this is to use a non-marketo.com domain, and typically the domain chosen is one of your LP domain aliases. But in an SSL context, that means the LP domain also needs to run SSL.
if you are going HTTPS on your side you need to ensure that your Marketo LP's are also HTTPS - It's a fairly straightforward process to get Marketo to setup SSL - just supply the cert and follow the instructions in the doc attached.
Once installed and ready to go you will need to: