The importance of using an SSL Certificate secured CNAME
SSL Certificates on the Web
Web browsers use HTTP (HyperText Transfer Protocol) to create a connection to a website. Using HTTPS (HyperText Transfer Protocol Secure) guarantees the use of a secure connection. If no secure connection to a website is possible, nefarious actors could tap into traffic between the web browser and the website.
Until mid-2018 Google’s Chrome browser indicated the use of an SSL certificate in-browser by placing a green padlock icon in the address bar. Since mid-2018 this has been replaced by a grey padlock icon, and the words “Not Secure” on sites that were not using an SSL certificate.
These changes signal the fact that using SSL certificates is becoming the standard and anyone who doesn’t use SSL certificates to secure their websites runs the risk of being demoted in page rankings and blocked or penalized by browsers/platforms.
SSL Certificates in Email
Just as web browsers and other platforms are beginning to signal SSL as the standard, email clients and platforms are beginning to wake up to the risk of non-secure links with email copy.
Some ESPs have begun to enforce SSL link wrapping and some receiving platforms have begun to use non-SSL links as a Spam Score indicator, which can impact the delivery of emails.
To ensure that all ad requests and cookie-sync calls to LiveIntent are sent over secure https protocols, please adhere to the guidelines for setting up an SSL CNAME with LiveIntent.
For further questions about CNAMEs, please refer to the CNAME FAQ.
Google Chrome September 2020 Update
In September 2020, Google extended the adoption of its “blocking mixed content” policy in the Chrome browser making the blocking of “insecure http:// subresources on https:// (SSL secured) pages” a default setting. This puts an increased emphasis on updating to an SSL CNAME, as non-secure elements (including LiveTags) will now be blocked by default on https web pages. For example, if a newsletter’s “view in browser” link directs to an https address while the LiveTags are still using a non-secure (http) CNAME, the LiveTag image will now display a broken thumbnail icon as opposed to the actual ad image.
PLEASE NOTE: This is a default Chrome browser setting and will likely only continue to expand in future releases. A user still has the ability to edit each domain’s site settings and ALLOW “Insecure Content” within their local browser.
More information can be found on the Chromium blog.