Skip to main content
Solved

Unsubscibe links to an unknown and unsecure page

  • September 2, 2022
  • 5 replies
  • 328 views

Forum|alt.badge.img+5

Hi, I have a problem that the Unsubscibe link, links to an unknown and unsecure page. You know when the browser state that the landing page is unsecure and donsent recommend you to proceed.

How to solve this?
Dedicated sending domain?

The funny thing is, that its only a problem at some mail clients, any anwsers to this?

Best answer by alex.hong

Hi there @Henrik 8k ,

Welcome to the Community.

I have investigated further and I believe this is because our Hosted Pages do not support SSL certification from within your account at this time. This is something we have open feedback with our engineering team to offer but as of right now we do not have a timeframe when this will be evaluated and worked on. 

While you can't enable an SSL certificate with your account, you can use an HTTP proxy to handle SSL certification (thus resolving the warning from being presented on the hosted pages). This can be done via a CDN like Cloudflare, Fastly, Cloudfront, etc... 

For example, Cloudflare is a free provider of such a service. Once you've signed up for a Cloudflare account (or similar provider) and connected your site, you can manage DNS records within Cloudflare. Add a CNAME record that points to your desired hosted page and make sure the option for HTTP proxy is included (orange cloud icon vs. grey cloud icon). 

?name=binary__1041%C3%97130_.png

You may need to toggle the cloud icon on/off after adding the record. Navigate back to the hosted page and observe that the security warning is no longer present.

The steps are similar to our guide on setting up SSL for dedicated click tracking.

 

Thanks!
Alex

View original
Did this topic or the replies in the thread help you find an answer to your question?

5 replies

alex.hong
Forum|alt.badge.img+58
  • Klaviyo Alum
  • 1552 replies
  • Answer
  • September 2, 2022

Hi there @Henrik 8k ,

Welcome to the Community.

I have investigated further and I believe this is because our Hosted Pages do not support SSL certification from within your account at this time. This is something we have open feedback with our engineering team to offer but as of right now we do not have a timeframe when this will be evaluated and worked on. 

While you can't enable an SSL certificate with your account, you can use an HTTP proxy to handle SSL certification (thus resolving the warning from being presented on the hosted pages). This can be done via a CDN like Cloudflare, Fastly, Cloudfront, etc... 

For example, Cloudflare is a free provider of such a service. Once you've signed up for a Cloudflare account (or similar provider) and connected your site, you can manage DNS records within Cloudflare. Add a CNAME record that points to your desired hosted page and make sure the option for HTTP proxy is included (orange cloud icon vs. grey cloud icon). 

?name=binary__1041%C3%97130_.png

You may need to toggle the cloud icon on/off after adding the record. Navigate back to the hosted page and observe that the security warning is no longer present.

The steps are similar to our guide on setting up SSL for dedicated click tracking.

 

Thanks!
Alex


Forum|alt.badge.img+5
  • Author
  • Partner - Gold
  • 6 replies
  • September 5, 2022

Hi Alex,

Thanks for your reply.

And yes correct, its because SSL certification is missing.

But can I setup your suggestions when not using a dedicated sending domain?

Or is it here the proxy setup comes into action?


The unsubscribe page is hosted at your domain https://manage.kmail-lists.com/subscriptions/unsubscribe

But as I see your unsubscribe link is https?

 

Or else please make a guide what to insert where :)

Thanks for your help.

 


Forum|alt.badge.img+5
  • Author
  • Partner - Gold
  • 6 replies
  • September 6, 2022

One more thing.

In general its important that the user can unsubscribe, so we need to solve this and II think its important that you developer team are prioritizing this and add SSL to the domain.

Hope you understand🙏


alex.hong
Forum|alt.badge.img+58
  • Klaviyo Alum
  • 1552 replies
  • September 6, 2022

@Henrik 8k ,

The recommendation of the team in this case will be to use a dedicated domain for your pages, which will require the addition of CNAME records to your DNS.  The instructions to complete this can be found in this article.  Once you've completed those steps, these links should be secure by default.


Let us know if that helped,

Alex
 


Forum|alt.badge.img+5
  • Author
  • Partner - Gold
  • 6 replies
  • September 7, 2022

Hi Alex,

Thanks for your reply.

Arh ok, I can setup at dedicated domain to th eunsubscribe page without setting up at dedicated sending domain. This should solve the matter, but we need to add the subdomain and ensure we have SSL certificate attached.

But please let me know, if you add SSL to your domain, because that would be easier.

Thanks.