I’ve noticed, as more sites are enabling SSL on their websites (a good thing!), that not everyone is doing it completely right, and ending up with “Mixed Content” warnings in the browsers. (In Chrome, you get the yellow lock symbol next to the address bar, instead of the green lock).
In this particular case, using Chrome’s Developer Tools, I was able to see another error message that indicated the problem was a MailChimp sign-up form. The target of the form was an insecure http:// URL. So even though the users are on a secure HTTPS page, the browser is warning because they’ll be submitted to an insecure location.
The warning is:
“Mixed Content: The page at ‘<your site URL>’ was loaded over a secure connection, but contains a form which targets an insecure endpoint ‘http://<username>.us1.list-manage1.com/subscribe/post?u=fbd8bbb58a37fa5979287ec13&id=11f061f4a6’. This endpoint should be made available over a secure connection.”
If you’re familiar with implementing HTTPS, you’d think the solution would be to switch the form target to a https:// version of the URL, or even a protocol-less URL (just the // without the http: or https:). Unfortunately this doesn’t work with MailChimp.
You also need to change the domain name from list-manage1.com to list-manage.com.
Once you change that domain (in addition to making it HTTPS or protocol-less) the warning will go away.