9 Replies Latest reply on Jul 19, 2017 3:43 PM by Sanford Whiteman

    General: SSL switch checklist?

    Charles Sanderson

      We're switching our site to an SSL certificate. We've done a switch this morning, and began testing. Nothing seems out of the ordinary so far. I've tested the three or four forms we've embedded in the site. We don't have anything more advanced set up with Marketo just yet. Marketo seems to be logging form posts... Munchkin even seemed to remember me.

       

      But, of course, I can't believe it would've gone that smoothly! Such a paranoid pessimist. I swear I'd read somewhere there can be issues with forms or tracking, when switching to a security certificate. Unless, maybe we were lucky and had Marketo already set up to avoid problems.

       

      So, my question is: When setting up SSL on a website with Marketo components embedded, What are the things I should be checking for. Settings to set, switches to flip, i's to dot, t's to cross?

        • Re: General: SSL switch checklist?
          Grégoire Michel

          HI Charles,

           

          The more annoying point comes from the images in landing pages. Marketo does not store their URL in relative format (starting with //) but rather in absolute (starting with http://). And someone displaying a SSL enabled LP with a non SSL image is likely to get an "unsecure content" alert. So you have to go through all LP's and update the images.

           

          For the rest, normally, forms JS libraries are called in relative mode and upgrade seemlessly. And for emails, http:// images will not cause  any issue since Marketo provides a redirect and you do not risk "unsecure content" in emails.

           

          -Greg

          • Re: General: SSL switch checklist?
            Dory Viscogliosi

            Hey Charles, just to confirm, have you done the change with Marketo or just on your own end for the SSL certificate? The components that Greg mentioned are part of the Marketo update but sometimes people are unaware (as we were) that this is a separate update that you need to coordinate with Marketo when you change over to SSL.

             

            If you only do the SSL update on your website (not through Marketo) then you risk losing some referrer information, and URL parameter capture. I'm sure there are other issues as well, but these are two issues I've seen in the past.

            1 of 1 people found this helpful
            • Re: General: SSL switch checklist?
              Charles Sanderson

              Yes, we've only switched to SSL on our corporate site. The Marketo domain where our marketing landing pages sit, hasn't been changed to SSL.

               

              Just to be sure I understand... Do you mean referrer information being passed from the corporate site to a Marketo-based landing page? Fortunately, we don't have anything set up this way at the moment. Or is the Munchkin code missing details on any forms embedded on the corporate site?

              • Re: General: SSL switch checklist?
                frederick Honey

                With Chrome being more aggressive in marking Non-SSL pages as insecure, we've found a major problem with upgrading our main domain page, and not Marketo SSL at the same time. Chrome seems to identify the main page as secure, and see's a conflict with having the subdomain (Marketo's landing page domain) as being insecure, and gives the scary popup on most landing pages.

                 

                I wonder if someone has gone through this in the past without having to "roll back" their main-domain SSL while they wait for the Marketo SSL upgrade to occur.