how to get https from tracking domain ?

[AHK]

Hello,

in tracking option i have added one domain like tracking.mydomain.com and its working. but i want to make it with SSL like

https://tracking.mydomain.com

How can i do that ?

Thanks

 

[twisted1919]

Go to Backend > Settings > System urls. Change the scheme to https and save the settings. That's it.
P.S: Make sure you have a valid ssl certificate for your tracking domains.

 

[Lakjin]

Go to Backend > Settings > System urls. Change the scheme to https and save the settings. That's it.
P.S: Make sure you have a valid ssl certificate for your tracking domains.

This does not work. I have HTTPS scheme enabled in backend, but tracking domain still uses HTTP.

 

[twisted1919]

but tracking domain still uses HTTP.

This is by design, otherwise you'd have to have a ssl certificate for each tracking domain.

 

[frm.mwz]

you'd have to have a ssl certificate for each tracking domain

As long as it is not more than 100/200 you can use free ssl certificates:
https://forum.mailwizz.com/threads/free-ssl-certificates.3146

 

[Lakjin]

This is by design, otherwise you'd have to have a ssl certificate for each tracking domain.

I know. I want to use HTTPS for tracking domain. I have valid SSL certificates. Is it possible to enable it?

 

[frm.mwz]

I know. I want to use HTTPS for tracking domain. I have valid SSL certificates. Is it possible to enable it?

Yes, just see what I posted before re 'force https'

 

[Lakjin]

Yes, just see what I posted before re 'force https'

What post are you referring to?

 

[twisted1919]

@Lakjin - We're doing signifiant efforts to force the http bit instead of https. You can try your changes via .htaccess.

 

[Sandeep Saxena]

Hi, this information on system URLs page is not correct I think because tracking domains are not pointing to https.

"Please note that selecting the https scheme will affect the application if you are running tracking domains since all those tracking domains must also have a valid ssl certificate."

 

[twisted1919]

@Sandeep Saxena - As i said above, we force tracking domains to work on http, because of the https ssl certificates.

 

[adamx]

Still, when an email is sent to Gmail and the user clicks on the link, Gmail notifies the user that the URL is about to click is NOT TRUSTED.
- the tracking domain has certificate
- is not the main domain of the mailwizz app but a subdomain used by a client (track.domain.com)
- in admin settings is set as HTTPS

So how can we have the links in the emails to start with https instead of http?

 

[twisted1919]

- the tracking domain has certificate

It doesn't matter. mailwizz forces http anyway for the reason we explained above.

 

[adamx]

There won't be any domains left without a ssl certificate pretty soon.
Especially now when you can get free letsencrypt certificates.
Can you please guide me to the right file where I can specify that the link the system inserts in the emails it sends should be https and not http?

 

[twisted1919]

There won't be any domains left without a ssl certificate pretty soon.
Especially now when you can get free letsencrypt certificates.

I know, but till then we are where we are.

Can you please guide me to the right file where I can specify that the link the system inserts in the emails it sends should be https and not http?

see /apps/common/models/DeliveryServer.php around line 2197

 

[adamx]

It works like a charm, thank you!

 

[frm.mwz]

If you set your server to force httpS, then links without ssl will still be changed from http to httpS

 

[adamx]

@frm.mwz Yeah, no worries about that. Once a user sets his subdomain for tracking, I generate a let's encrypt certificate (manually) with auto-renew and everybody is happy. Thats why I needed where to make the change to force https instead of http and twisted was most helpful.

 

[frm.mwz]

@frm.mwz Yeah, no worries about that. Once a user sets his subdomain for tracking, I generate a let's encrypt certificate (manually) with auto-renew and everybody is happy. Thats why I needed where to make the change to force https instead of http and twisted was most helpful.

B/c of the server-wide setting, the extra steps you mentioned can be avoided. We never had to take them, also no code change. So I thought it might be useful.

 

[adamx]

Is not about the server being accessed on https because I already set it to force https, but the actual link in the email the user gets
If you want to avoid Gmail telling the users "Hey, the link is not safe" which translates in "you better not click on that link" then the links in the email need to start with https not http.