Set up SSL for click tracking

Issue

Links in Leanplum emails are redirecting users to a connection warning page that says "Your connection is not private."

connectionwarning.png

(Note that this warning may look different in different browsers.)


What's causing this?
Links generated by Leanplum’s email service provider (ESP) are non-secure (http) by default. Some users may not have a problem with these links.

But, if a user has already been to the secure domain (https), that user's browser (Chrome, Safari, Internet Explorer) will likely cache the secure page. Once the secure page is cached in their browser, clicking a non-secure link from the email can cause the error page to appear. 

How to resolve

To resolve this for all users, Leanplum supports SSL for click and open tracking through our ESP. You can set up SSL for click and open tracking for a whitelabeled domain, but additional configuration for SSL keys is required.

SSL (Secure Sockets Layer) is the standard security technology for creating an encrypted link between a web server and a browser, which ensures that all data passed between the web server and browsers stays private.

Step 1: Choose an SSL setup option

Option 1. Use a CDN service, such as CloudFlare, Fastly, or KeyCDN to manage certificates and keys for your assigned Leanplum whitelabel domain link.

Option 2. Create a custom SSL configuration. These services can then forward traffic onwards to SendGrid so that click and open tracking can be performed. See below for details on Sendgrid's custom SSL setup steps. (Please work with your development team to ensure that your server is configured correctly.)

1. Make sure your subdomain “mailing.example.com” is forwarded to “sendgrid.net”

2. Create and add your SSL certificates to your server (i.e.
nginx-example.conf file).

 ssl on;
  ssl_certificate /etc/nginx/ssl/example.crt;
  ssl_certificate_key /etc/nginx/ssl/example.key;

3. Adjust your server configuration file to handle the Host header (i.e. nginx-example.conf file).

 location / {
   proxy_pass http://127.0.0.1:8080;
   # Forward the Host header, which is used to route requests for    # static content published from Example apps.    proxy_set_header Host $http_host;
}

 

4. Point the CNAME record to your proxy via your domain registrar (e.g.
godaddy.com, domains.google.com, etc.)

Step 2: Inform Leanplum

Once the SSL setup is complete, please email support@leanplum.com or update your existing ticket so that we can enable SSL click and open tracking with our ESP. 

 

 


Was this article helpful?
Have more questions? Submit a request