7 Replies Latest reply on Oct 20, 2016 1:10 AM by Neil Robertson-Ravo

    Adding SSL to our website - what to watch out for?

    Amr H

      Hi there,

       

      We have been using Marketo on our non-secured website.

       

      We have Marketo forms embedded directly into our Wordpress pages and we also of course have the Munchkin tracking code implemented on our pages.

       

      We want to install an SSL certificate on our server and start encrypting traffic between our website and others.

       

      What do we need to consider, which settings would need to be modified, any caveats?

       

      Thanks.

        • Re: Adding SSL to our website - what to watch out for?
          Josh Hill

          There is documentation on moving to HTTPS for your marketo linked cnames.

           

          Simply do a search for SSL/HTTPS here.

          1 of 2 people found this helpful
          • Re: Adding SSL to our website - what to watch out for?
            Sanford Whiteman

            There actually is one important detail here that may not apply to your current setup -- as Jim and Josh noted, as long as you are using the default protocol-relative URLs, you'll be fine -- but will create a problem in the most resilient embedded form configuration.

             

            That most resilient config is when you load your forms from an LP domain to make sure they are not blocked by browser anti-tracking plugins/features.  If you search the Community, you'll see that from time to time tracking blacklists will block connections to *.marketo.com (even though forms are not trackers, they are collateral damage).  The recommended method to avoid this is to use a non-marketo.com domain, and typically the domain chosen is one of your LP domain aliases. But in an SSL context, that means the LP domain also needs to run SSL.

            1 of 1 people found this helpful
            • Re: Adding SSL to our website - what to watch out for?
              Neil Robertson-Ravo

              if you are going HTTPS on your side you need to ensure that your Marketo LP's are also HTTPS - It's a fairly straightforward process to get Marketo to setup SSL - just supply the cert and follow the instructions in the doc attached.

               

              Once installed and ready to go you will need to:

               

              • Re-approve all landing pages, which you can do in bulk by going to Design Studio, then clicking on “Landing Pages”. You can now multi-select pages and unapproved and approve again via the “Landing Page Actions” menu.
              • It is also recommended to change all images, JavaScript files and other external links in landing pages to HTTPS, otherwise users may get an “Insecure Content on Secure Pages” error. Also update any images that are hard-coded into the template.
              • If you include a Marketo landing page on a secure website using an iframe, you will need to load the secure version of the landing page, otherwise the end user will get a security warning.
              • If you use a Marketo Form on a Non-Marketo Page, you will need to update the Post URL to HTTPS.
              • If you do a server-side post to a Marketo Form and you use your CNAME as the Post URL, you also need to change that to HTTPS
              1 of 1 people found this helpful