With Google making secure sites using SSL a standard and punishing insecure sites with their Chrome browser, it is ever increasingly more important to make sure that you install an SSL certificate to your CloudPage URLs/landing pages/microsites and images hosted in Marketing Cloud.
You can either purchase the SSL certificate yourself or purchase it through Marketing Cloud as part of the Sender Authentication Package. You will need two (2) SSL certificates, (1) for the sender authentication domain and, (2) for portfolio content (must be purchased through Marketing Cloud — see below):
There are two configuration options for the SSL certificate:
- Securing microsite, landing page, or CloudPage URLs which would typically use your existing Sender Authenticated domain (e.g. pages.SAPdomain.com, cloud.SAPdomain.com, or pub.SAPdomain.com). With this option we can also secure view. and click. URLs for links within your SFMC content (e.g. view.SAPdomain.com and click.SAPdomain.com)
- Securing portfolio content URLs, which use your existing Sender Authenticated domain (e.g. image.SAPdomain.com).
As mentioned by Marketing Cloud, SSL is technically not part of the Sender Authentication Package (SAP) and can be purchased as an add-on:
SSL is not included in our Sender Authentication Package, but can be purchased as an add-on to secure microsite, landing page, or CloudPages URLs or image URLs in an account.
If purchased through Marketing Cloud, they procure the certificates through the certificate authority of DigiCert. If purchased yourself, you’ll need to provide the Certificate Signing Request (CSR) to support and a copy of the certificate as well as the intermediate/chain link certificate.
Certificates for portfolio/image content will need to be purchased through Marketing Cloud as they use the image host Akamai for the certificate.
The SSL certificate for links (beginning with click. and view.), you will need to decide if you would like references made directly to HTTP to work as-is or to be forced to be redirected to HTTPS. General link pathways will default to the HTTPS regardless of the redirect.
If the force redirect feature is used, take into account current pages that are coded in just HTTP as there can be mixed content errors or hard coded HTTP, etc.)
You will need to reach out to your Account Executive or Marketing Cloud support to begin the process of installing an SSL certificate to your Marketing Cloud domains.