Home›Knowledge Base›How to Host Your BIMI Logo and Certificate

How to Host Your BIMI Logo and Certificate

Published On: June 23, 2026Read Time: 4 minutes

Direct Answer

The BIMI logo (SVG file) and the certificate (VMC or CMC PEM file) must each be hosted at a publicly accessible HTTPS URL that returns a 200 response with no redirects. Proper hosting is a key requirement for BIMI setup, as the URLs are referenced in the BIMI DNS record’s l= tag (logo) and a= tag (certificate). Hosting can be on your own web server, a CDN, or any static file host — what matters is the delivery characteristics, not the specific platform.

Hosting Requirements by File

Requirement	Logo (SVG)	Certificate (PEM)
Served over HTTPS (not HTTP)	Required	Required
Returns HTTP 200 directly (no redirects)	Required	Required
Publicly accessible without authentication	Required	Required
Correct MIME type (`image/svg+xml`)	Required	N/A (PEM)
File served without `X-Frame-Options` blocking	Required	N/A
URL must be stable (permanent hosting)	Required	Required
SVG Tiny PS format validated	Required	N/A

MIME Type Configuration

Some web servers and CDNs serve SVG files with incorrect MIME types by default. The SVG file must be served with Content-Type: image/svg+xml. Serving it as application/octet-stream, text/plain, or any other type can cause BIMI validators to reject the file even if the URL resolves correctly. Verify the MIME type by inspecting the response headers directly — the BIMI checker reports this as part of its output.

URL Stability

The URLs referenced in the BIMI DNS record must remain accessible for the entire validity period of the certificate. Moving the files, changing the URL structure, or letting the domain expire will break the reference and halt logo display. There is no mechanism for the DNS record to “follow” a redirect — mailbox providers require a direct 200 response at the exact URL.

Do not host the SVG or certificate on a URL that will change during platform migrations, CMS updates, or CDN reconfigurations. Use a dedicated, stable path (e.g., https://yourdomain.com/bimi/logo.svg) that is not tied to CMS routing logic.

Managed Hosting vs. Self-Hosting

Certificate providers often offer managed hosting for both the certificate and the logo as part of their service. This removes the operational burden of ensuring uptime, MIME type correctness, and URL stability. Self-hosting is fully valid and sometimes preferred for control over the asset location, but requires more infrastructure management. If your certificate is managed by VMCcerts, the certificate file URL is handled as part of that service — verify the a= URL in your BIMI record matches what was provided.

Frequently Asked Questions

Can I host the logo on a CDN like Cloudflare or AWS CloudFront?

Yes, CDN hosting works as long as the delivery requirements are met: HTTPS, direct 200 response, correct MIME type, no authentication, stable URL. Ensure the CDN is not configured to redirect HTTP to HTTPS at a URL that differs from what is in the BIMI record, as that would create a redirect chain.

Does the SVG logo have to be hosted on the same domain as the sending domain?

No. The BIMI specification does not require the logo URL to match the sending domain. You can host the SVG on a CDN, a separate hosting domain, or an assets subdomain. What matters is that the URL is publicly accessible, serves the correct MIME type, and returns a valid SVG Tiny PS file.

What happens if the SVG or certificate URL goes down temporarily?

If the provider cannot fetch the file at the time a message is evaluated, logo display for that message will be skipped. There is no cached fallback at the provider level in most implementations. A brief outage affects display for the duration of the outage only; it does not invalidate the BIMI setup permanently. Prolonged unavailability may affect whether email clients show BIMI logo branding for a broader set of messages, depending on provider caching behavior.