Closed cilliemalan closed 3 years ago
@cilliemalan
Sorry you ran into trouble with this. To get link branding to work with HSTS you need to use a CDN to hand the certificate handoffs. I would recommend taking a look at the docs here.
@kylearoberts having a CDN works ... in times of letsencrypt ... sendgrid could handle SSL termination as well?! Just a thought ;)
Or maybe a check before setting up the link branding. If you can verify DNS records you can also ping to see if there is a HSTS header present.
Expected content
Perhaps there should be something in the documentation noting that link branding doesn't utilize https and thus won't work for HSTS domains where
IncludeSubdomains
is set. If one were to enable link branding with a hsts domain the links would be unusable and would only show a security error page when clicked.This problem may be mitigated by not specifying
IncludeSubdomains
for sites on the top level domain. However, ifIncludeSubdomains
is already set with the recommended expiry of 6 months or ifpreload
is specified, it would probably be too late already.Actual content
N/A
Link to page: https://sendgrid.com/docs/ui/account-and-settings/how-to-set-up-link-branding/