Sendgrid links in email produce Your connection is not private error in browser

Question

Rails 5.2 SendGrid Heroku App

I have a link in an email to view a report. The links work perfectly in development.

However, when SendGrid sends the emails in production and I click on the link in the email I get the following error in the browser:

Your connection is not private
Attackers might be trying to steal your information from myapp.heroku.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID

In my production config I have the following:

  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
  config.force_ssl = true

config.action_mailer.default_url_options = { host: 'https://provenwordapp.heroku.com' }

From other SO users the above worked for them. However, it's not working for me.

Any help appreciated.

_“when SendGrid sends the emails in production I get the following error in the browser”_ - you mean when viewing the email already, or at the point when you try to view that specific report URL? `config.action_mailer.default_url_options` doesn’t sound like it had much to do with the latter. — CBroe, Jun 18 '18 at 10:27
updated my question to clarify. When I click the specific report url. — chell, Jun 18 '18 at 10:31

score 19 · Answer 1 · answered Jun 18 '18 at 16:35

19

Have you enabled SSL Click Tracking on your SendGrid account?

That error is generally because you're moving from an HTTPS > HTTP connection, or vice versa. If you have SendGrid's Click Tracking enabled, but don't have SSL enabled, their tracked links will be http://, even though your base link is https://.

answered Jun 18 '18 at 16:35

jacobmovingfwd

2,185
14
11

4

The hoops required to get SSL working alone caused me to just turn off Click Tracking. Reasoning being: if you are sending a link of your own, it likely goes through analytics anyway, so it's not actually "untracked" but it no longer has that spammy vibe either. – digitalextremist Jul 18 '21 at 05:06
1

@digitalextremist you are so right. I did just that. I think it is easier to track the clicks on my own than through #SendGrid – Andrei Bazanov Jul 04 '23 at 08:30

score 2 · Accepted Answer · answered Jun 19 '18 at 01:39

2

I have found the problem.

I did not use the correct URL for my app on Heroku.

config.action_mailer.default_url_options = { host: 'https://provenword.herokuapp.com' }

I had written heroku.com instead of herokuapp.com

Thanks to everyone for their assistance.

answered Jun 19 '18 at 01:39

chell

7,646
16
74
140

1

Where do I set the ``config`` like you guys are doing? – Libby Lebyane Jan 13 '21 at 08:22
That is in the environment files e.g. `config/environments/production.rb` – Peter Giacomo Lombardo Sep 18 '21 at 13:04

Sendgrid links in email produce Your connection is not private error in browser

2 Answers2