When SSL Click Tracking is enabled on a user account, this does not enable tracking on any sub-users. Sub-user accounts must enable SSL Click Tracking separately. Additionally, SSL Click Tracking is not enabled on a per-branded link basis. Users must setup a proper SSL configuration for all the branded links you have on a user account. This guide walks through some useful steps necessary when enabling SSL Click Tracking on an account.
Create an SSL Certificate
Twilio SendGrid can't setup an SSL Certificate for you, but we do have documentation on 3 major Content Delivery Networks (CDNs). CDNs are a great option for handling security certificates for you, while quickly and easily serving content across multiple mediums. You may also check here for the steps for a custom SSL configuration.
For details on the actual creation and hosting of a SSL certificate, we recommend users reach out directly to their CDN/DNS provider. It is also important that the CDN then forwards all traffic on to sendgrid.net so we can ingest tracking details and resolve links to the correct location.
Point Link Branding domain to SSL certificate
Now that this SSL certificate is created you can now forward traffic to this cert. Just as you pointed the Link Branding CNAMEs:
sub.domain.com -> sendgrid.net
You can edit the DATA portion (sendgrid.net) in the domains DNS to point to the CDN handling your domains SSL certs. Only the first CNAME from the branded link needs to point to the CDN you are using.
Let SendGrid Support know you want SSL Click Tracking turned on
Before we can enable SSL Click Tracking, we have to ensure the following:
- The Link Branding is assigned to the user account you are requesting SSL Click Tracking on
- The Link Branding is pointing to your CDN, and not pointing at sendgrid.net.
- The Link Branding domain is terminating in a SSL connection correctly
Once SSL Click Tracking is enabled, you can check if SSL is terminating correctly by sending a test through your SendGrid account and including an HTTPS link to see if it resolves correctly. Alternatively, you can test your SSL connection at https://www.ssllabs.com/ssltest/
Notice: Once you have successfully configured your CDN, DO NOT re-verify your Link Branding. If you do attempt to re-verify your CNAME records after SSL has been set up, it will break when it doesn't see the simple CNAME record.