Loading
Salesforce now sends email only from verified domains. Read More
Marketing Cloud Engagement
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            SSL Certificates for Custom Domain Security

            You are here:

            1. Salesforce Help
            2. Docs
            3. Marketing Cloud Engagement

            SSL Certificates for Custom Domain Security

            Use a Secure Socket Layer (SSL) certificate to improve the security of your page-based interactions. Give your subscribers and contacts more confidence when they visit pages that you host with Marketing Cloud Engagement. A certificate adds a layer of encryption to the transfer of sensitive or personal information. This encryption helps prevent external parties from accessing information sent to or from your contacts.

            Marketing admins can secure custom domains that are either delegated to Salesforce (DNS Status is Delegated) or self-hosted (DNS Status is Self-Hosted).

            Prerequisites

            The Sender Authentication Package (SAP) or Private Domain feature must be enabled and configured in your account. For more information, contact your account executive.

            Each subdomain requires one SSL SKU.

            SSL Certificate Functionality

            Each subdomain requires a unique SSL certificate. Use SSL certificates to secure these content types:

            • CloudPages
            • Legacy landing pages
            • Email tracking links
            • View email as a web page links
            • Portfolio and Content Builder content

            You can configure a domain for a single business unit, or share a domain across many business units. The number of business units that you have doesn’t influence how many certificates are needed.

            Certificates Acquired by Salesforce

            We recommend that you use SSL certificates supplied by Salesforce to secure your domains. You acquire these certificates from Salesforce’s certificate authority, and Salesforce manages the renewal of each certificate. Salesforce uses DigiCert as the certificate authority.

            When you use a Salesforce-supplied certificate, the custom domain is secured in less than 10 days after you secure the domain with an SSL Certificate supplied by Salesforce. This option is the easiest and requires no further action from you during the installation and renewal of the certificate.

            Certificates Acquired from a Different Certificate Authority

            If you prefer to use your own SSL certificate, you can upload it to Marketing Cloud Engagement. When you bring your own SSL certificate, you’re responsible for renewing and updating it before it expires.

            • Secure a Domain with an SSL Certificate Supplied by Salesforce
              Secure a Sender Authentication Package (SAP) or CloudPages custom domain in Marketing Cloud Engagement using an SSL certificate that is provided by Salesforce.
            • Secure a Domain Using a Custom SSL Certificate
              You can obtain an SSL certificate for Marketing Cloud Engagement from a certificate authority (CA). The CA that you use must allow you to use your own certificate signing request (CSR) rather than generate one for you. Image domains do not support customer-supplied certificates as the service is delivered from shared infrastructure using common certificates.

            See Also

             
            Loading
            Salesforce Help | Article