Our web people are switching our website to https pages (instead of http) and all of our asset download forms have disappeared.
Anyone know of any restrictions?
Marketo forms work just fine on secure pages, assuming you're using the default embed code.
What doesn't work is if for some reason you're embedding entire Marketo LPs as IFRAMEs in your site, and your LP domain isn't set up w/SSL at Marketo (n.b. this costs $ to add to your subscription). This isn't a Marketo restriction, it's a browser security measure that applies to all IFRAMEs.
I've encountered a similar issue where our site is https, but when I try to embed a form using the provided code, I get a "Failed to load resource: net::ERR_INSECURE_RESPONSE" error in Chrome. I'm not trying to embed a LP, just the form.
Please provide your URL so I can inspect your case.
Sorry, it's only available on an internal network.
The script is standard:
<script>MktoForms2.loadForm("//dev.amazonappservices.com", "070-JMM-398", 560);</script>
This is self-evidently broken: you're trying to load from your LP domain over https:// but your Marketo instance doesn't have a cert.
The default embed code loads from //<instance>.marketo.com, which has a matching cert.
See this thread from just yesterday: Turning on Https - munchkin issues , landing page issues?
I'm not a Marketo user, just a content guy who's trying to figure out how to get the form into our page. It's not self-evident to me, as I'm not familiar with landing pages, forms, etc.
I just created a new form in Marketo, approved it and brought up the embed code. The code (same as what I pasted above) is what I was given. So, I guess that's not the default? I understand what you're saying, but I'm working with a form, not a landing page, as far as I can tell. I don't understand why it would give me the LP domain if it's a form...
I mean it's self-evident in the sense that the browser error (ERR_INSECURE_RESPONSE) and the fact that https://dev.amazonappservices.com doesn't have a cert installed (you can test it in your browser) make it clear that including the script from that domain won't work.
It'd be the same for any <script src="//something.example.com"> when it's loaded from https://www.example.com (or https://another.example.net) while something.example.com doesn't have a matching cert.
dev.amazonappservices.com is your primary LP domain (there's no such thing as a special form domain) but it shouldn't be inserted into in your embed code unless you have an SSL cert paid for, uploaded to Marketo, and installed by Marketo's engineering team. Maybe that process is currently in progress, but If they've jumped the gun and changed your instance to use that domain without it actually being able to work, that's really bad. I sure hope they haven't pushed this change to other instances without thinking it through.
You'll be able to load the form if you use your instance //app-ab09.marketo.com, as demonstrated here: https://codepen.io/figureone/pen/63e5cc4236663a4e04d23988fefd6d13
I'll have our email peeps look into the account and see why it's defaulting to the LP domain. At the very least, we definitely need to get the cert set up.
Replacing the domain with "app-ab09.marketo.com" worked. Thanks again for your help!