Skip to main content
Branding mascot

Welcome! How can we help you?

Got a Question? Ask our Community!

Have a question, or a tip or trick to share! Sign in with your Thryv credentials and post in our User Community!

Master Thryv Like a Pro!

Sign in and take our self-guided courses to maximize your experience and boost productivity!

You appear to be not logged in so your learning paths progress may not be saved.

Resolved: Privacy Warning When Contacts Click Email Links in Keap

Product Success Team
  • Updated
  • Keap-All Editions

This is a resolved known issue. Between January 13 and late January 2020, some contacts clicking links in Keap emails encountered a Google privacy or security warning in their browser stating that the connection to the site was not private or secure. Keap identified the root cause and resolved the issue by switching the email link tracking service from a Google-owned domain to a Keap-owned domain. Most affected links began working correctly without displaying the warning shortly after the fix was deployed.

This article explains what caused the issue, what Keap did to resolve it, and what to do if a contact reports still seeing a privacy warning when clicking a link in your email.

What Caused the Privacy Warning

The privacy warning was triggered by two separate but related changes that occurred in January 2020.

Browser security protocol update — Google released Chrome version 79 in early January 2020, which ended support for older versions of the TLS security protocol (TLS 1.0 and TLS 1.1). Other major browsers followed within days. When a contact's browser attempted to connect to a site through an Internet Service Provider (ISP) proxy server that had not yet updated to support the newer TLS versions, the browser displayed a privacy or security warning instead of loading the page. For more technical detail on this change, see Google's announcement on the Chrome blog.

SSL key change on Google's appspot.com domain — On January 21, 2020, Google changed the SSL certificate key for the appspot.com domain. At the time, Keap's email link tracking service — the service that records who clicked links in your emails for reporting purposes — used the appspot.com domain. For a secure browser connection, the SSL key on the browser and the SSL key on the server must match. When Google changed the key, it took time to propagate across the internet, causing mismatches that triggered the privacy warning for some contacts during the propagation window.

The issue affected only a small percentage of email recipients across the Keap user base. Email open and click rates across the platform showed no negative trend during the affected period.

Example of the Google privacy warning screen that affected contacts saw when clicking a tracked email link during the January 2020 incident. The warning states that the connection is not private and displays options to go back or proceed. Graph showing Keap platform-wide email open and click rates during the January 2020 period. The graph shows no negative trend in overall open or click rates across the user base during the affected period, indicating the issue affected only a small percentage of recipients.

How Keap Resolved the Issue

The root cause of the issue — Google's SSL key change on the appspot.com domain — was outside of Keap's direct control. However, Keap identified an additional contributing factor: thousands of applications use the Google-owned appspot.com domain, which means the reputation of that domain is shared across all of them and can be affected by other applications' behavior. Some ISPs also route requests to appspot.com domains through additional security servers, which added to the problem.

To resolve the issue and prevent it from recurring, Keap switched the email link tracking service from the Google-owned appspot.com domain to a Keap-owned domain. Using a Keap-owned domain gives Keap direct control over the domain's SSL configuration and sending reputation going forward. The switch was completed in late January 2020 and resolved the privacy warning for the vast majority of affected contacts.

What to Do If a Contact Still Sees a Privacy Warning

In rare cases, a contact may still encounter a privacy warning when clicking a link in your email — for example, if their ISP's proxy server has not updated its security configuration. If a contact reports seeing a privacy or security warning after clicking one of your email links, use the following steps to diagnose the issue and provide guidance.

Step 1 — Ask the contact to check the certificate owner. Ask the contact to click the lock icon next to the URL in their browser's address bar and select Certificate or Certificate information. In the certificate details, the owner of the certificate should be Google. If the owner is not Google, ask the contact to take a screenshot of the certificate details and send it to you, then forward the screenshot to Keap support for investigation.

Browser certificate details panel showing the certificate information for a tracked email link. The panel displays the certificate owner, which should be listed as Google. If the owner shown is not Google, the contact should take a screenshot and send it to Keap support.

Step 2 — If the certificate is owned by Google, advise the contact to proceed. If the certificate owner is confirmed as Google, the warning is being caused by a temporary propagation or ISP configuration delay rather than a security threat. Advise the contact to click the Advanced link on the warning page and then click the option to proceed to the site. The link destination is safe to visit.

If the issue persists for multiple contacts or you are unable to determine the cause, contact Keap support with the affected contact's screenshot and the URL of the link that triggered the warning.

Related articles

Comments

0 comments

Can't find what you are looking for?

Our customer support team is available 24/7 by online chat, phone, or email

© 2026 Thryv, Inc. All rights reserved.