Issue::
Link Redirection Through Email leading to ‘Connection Not Private/404 Error’
(Example Values to be used here
Primary Domain:: kytes.app,
Redirection URL:: https://live.kytes.app/ )
Understanding the Flow::
Checklist::
- · DKIM/SPF authentication for the domain should be done
- · Check if the issue is persisting with other domains of the account, if any
- · Check in Pepipost Panel/SendGrid if all the records are in place and not broken
- · Email Link Domain should be connected
- · Create a sample template on your own with a redirection link of your choice and check if the issue persists
- · SSL configuration should be in place, if certificate is issued
Steps For Resolution::
If the issue persists with the aforementioned checks, Please follow the below steps for resolution
- · Firstly, configure the CNAME record for the sub-domain click.kytes.app to e-in21.gtolink.in and verify the mapping à At this stage, the mapping is enabled on HTTP
- · Second step is to point click.kytes.app to secure-in21.gtolink.in once the Email Link Domain is connected à At this stage, the mapping is enabled on HTTPS
- · A backend setting needs to be updated post the above configuration. Raise to SRE to enable ‘EmailTrackingServer’ at the backend (Table:: Setting_Base) for the tenant
Additionally, since the issue is with the redirection URL delivery.kytes.app, this too has to be pointed to secure-in21.gtolink.in once the above is done.
Issue a Wildcard Certificate for the domain as securing every sub-domain is imperative. A Wildcard certificate has the flexibility to secure the primary domain and first level subdomains on a single certificate. A wildcard certificate will have domain representation as *.kytes.app. This can either be done by the clients themselves or issued from LeadSquared.
From our end, SRE will do the necessary configuration and share a CNAME record for the domain *.kytes.app which needs to be added by the customer. Once done, the certificate will be issued from AWS (Amazon Web Services) post validation of the records.
The issued certificate is attached to the AWS load balancer which is responsible for routing the incoming redirection requests to the specified targets. Once this is done, the configuration is completed and the certificate will be issued to kytes.app
Hence, considering redirection URL:: https://live.kytes.app/
Incorrect Configuration of SSL::
Valid Configuration::
3. Pepipost Dependency:: (Not applicable if Email Service provider is different)
The redirection link request is initiated from the browser via click.domain.com. For this scenario, it should be click.kytes.app. For the current scenario, it was being initiated from delivery.kytes.app (This belongs to Pepipost Team and LeadSquared URL is being overridden here by this)
Current Redirection::
Pepipost Team would need the SSL certificate issued for the domain to fix the issue at their end. However, SSL certificate being a public certificate is non-exportable and can’t be provided to a third party.
Alternatively, we can follow the below steps in Pepipost Panel (https://app.pepipost.com/) and disable the click tracking to fix this::
· Navigate to Settings > Sending Domains
· Click on View Settings for the desired domain
·
Go
to Tracking Settings > Disable the Click Tracking
NOTE::
1. The Click Tracking will have to disabled for both main account as well as the sub-account, if any. If disabled for the main account and enabled for the secondary domain, the configuration will be still considered as ‘Enabled’ as the sub account will be having a shared domain
2. Disabling the Click Tracking here will not affect the Open/Click % of the Campaign as the same is taken care by LeadSquared at code level and this is just an additional layer
The above settings, to summarize, Email Link Domain and delivery domain pointed to secured value, SSL Issued to the primary domain and click tracking disabled in Pepipost will fix the redirection issue.
