I have a couple of sites that use SSL for checkout etc but not for normal pages. I have noticed that in some circumstance Chrome reports secure pages (ie login through checkout) as having mixed secure and insecure content. When I look at the page source however everything is https. Firefox etc are fine and don’t complain, it just seems to be Chrome (I’m using Chrome 16).
The scenario to replicate this is as follows:
Add something to the basket.
Go to the homepage but use https://domain.com thus forcing the page to go secure
I get mixed content warnings and can see css/js is in deed insecure - not worried about this as you should not be under SSL
Now go to checkout. Chrome still moans about mixed content but when you look at the page source all seems to be under https
I’ve replicated this in 1.4.2 and 1.6.1 so it doesn’t seem to be version specific.
Personally I don’t think it’s Magento itself but something dodgy in Chrome but wondered if anyone else has experienced this either on Magento or any other sites.
I have also seen a Magento site where if you go to the homepage under https all elements render as https so the issue doesn’t manifest.