Http to Https redirect after SSL encription

I am talking here about very large accounts. Very unlikely that they will let anyone doing this

I agree. Even small accounts will break stuff if they don't plan.  The payoff is great, and it's the next step to getting into browsers' inbuilt HSTS lists, which is when real security happens. But not an overnight thing.

So this does not tell me how Dan got his migration go so smoothly....

Me neither! I can't see program tokens (let alone my beloved Velocity tokens) being safely translated on-the-fly to the secure domain.

We are actually starting SSL migration as well. We have been working with John Mattos (W) from Marketo and he recently published this post​.

During the discovery calls we were assured that no changes/updates to emails/email templates would be needed and the only assets we would need to update are:

Landing Page templates

Landing pages (if they were not created from the above templates or if some insecure assets are referred to from the page editor)

Snippets

Update CSS files and import them using "Replace image or file"

All the assets, except css files, could be worked on and kept in draft mode until the cutoff which allows some time for us as we have a lot of templates and landing pages.

The rules governing insecure content are established by the W3C, so im not sure where you heard that. It's 100% true that if you refer to a non http asset in an secure page, you'll see a warning in MOST browsers (its browser dependent). The most glaring of these will be scripts and CSS files, which will actually not work. Images will yield a warning, but will render.

Well,

Editing all LP's and LP templates, snippets and CSS might already be a cumbersome job!

-Greg

Editing all LP's and LP templates, snippets and CSS might already be a cumbersome job!

Yeah, that's hardly comforting, I know.

And it's definitely not true that all links in emails will be rewritten. They may still work, but they won't be secure -- which was the whole idea in the first place, right?

We have gone through this exercise with a client as well.  See here for details: https://salytics.com/ssl/

Hi Ben,

We're using postman to run the APIs and when I run the get landing page content API through API collection runner am not able to download the iterations response body which has the Landing page content. Do you have or know how to do that or any alternative way of doing this task

I added a SSL cert to Marketo LPs awhile ago and the labor for me was in updating the CSS at the template level. Reviewing and re-approving impacted LPs was not that difficult. The file library does automatically update, so that was easy, but it is worth checking to ensure you are using Marketo assets (like images) on non-Marketo pages - or at least ensure those are updated.

As for the overwhelming amount of LPs to audit, it would be a good practice to figure out a way to manage these, regardless of whether you have to for this project. There are ways that make managing hundreds/thousands of LPs sustainable, but they do usually start with a little bit of manual tracking of what is active, what is redirected and when things were last updated. I really love occasionally downloading the list of LPs from Design Studio from time to time to review these.

Good luck!