CMS-General

Resolve mixed content warnings on an SSL site

Last updated: September 13, 2018

Applies to:

Marketing Hub
marketing-basic-pro-enterprise
Basic, Professional, Enterprise

If your HubSpot-hosted website is set up using SSL (HTTPS), assets being loaded over HTTP will be blocked from loading by your browser. HubSpot automatically ensures all HubSpot-hosted resources are protocol-less to ensure they load without issue. However, if you are loading assets from an external server via HTTP, the asset will not load once SSL is enabled.

You can see any assets that are being blocked in the Javascript console of your browser's developer tools.

To resolve mixed content warnings for resources loaded from a non-HubSpot domain, use the HTTPS version of the URL, if possible. If the external site does not support HTTPS requests, you will need to contact that domain's admin to see if they can make their content available over HTTPS. As an alternative, if the source file does not support HTTPS, upload the asset to your file manager, and reference that URL instead. 

Mixed-content warningsUsing Developer Tools' Console can help you identify which files are being blocked. Below are some typical locations in HubSpot that may make requests to these non-secure resources. 

References in stylesheets or scripts

One of the most common sources of mixed content warnings are non-HubSpot hosted files in your site's stylesheet. 

  • @font-face references that load externally-hosted fonts
  • Background image urls 
  • @imports of external stylesheets

Additionally, if you are using custom scripts that reference any external assets, you will want to update those files as well.

Scripts and stylesheets

If you are attaching external stylesheets to the <head> section or footer of your site, your template, or your page, you will need to ensure that these files support HTTPS requests. These references can be added to HubSpot in the following locations:

Website settings

  • In your HubSpot account, click the settings icon settings in the main navigation bar.
  • In the left sidebar menu, navigate to Website > Pages.
  • Use the Modifying dropdown menu to choose the domain where you're attaching the stylesheets. You can also choose All domains to attach the stylesheet to all of your HubSpot-hosted domains.
  • Locate the Site header HTML and/or Site footer HTML fields. 

Blog settings

  • In your HubSpot account, click the settings icon settings in the main navigation bar. 
  • In the left sidebar menu, navigate to Website > Blog
  • Use the Select a blog to modify dropdown menu to select a blog to edit. 
  • Click the Templates tab.
  • Locate the HTML section.

Design manager

  • In your HubSpot account, navigate to Marketing > Files and Templates > Design Tools.
  • Select a template from the finder, then update the Additional <head> markup section.

Page editor

Images

If you have images in your content that load off external URLs, you will want to try making their src attributes to be HTTPS. 

If HTTPS is not supported by the external server, you can upload those images to your file manager. You can learn more about uploading assets to your file manager in this article

cdn1.hubspot.com

Assets hosted on cdn1.hubspot.com do not support HTTPS requests. To resolve this issue, locate the file in your file manager and clone it. After cloning the file, copy the new file URL and update the reference.

Use relative URLs

Check to see if your assets and images are using relative URLs instead, such as "//www.mysite.com/myimage.png" or "//www.mysite.com/my-asset-location".

Relative URLs don't use protocols (don't have "http" or "https") and will load under whichever protocol is set.

Mixed-content warnings

Was this article helpful?

If you still need help you can get answers from the , or to contact support.

Free Inbound Marketing Training Learn inbound marketing techniques that range from creating content, using  social promotion, converting and nurturing leads, and all the way to marketing  to your customers. Start the course