I have a site running on an https:// domain. I have a email subscribe form on the site that uses the code generated by Campaign Monitor. The form looks like this:
<form action="http://campaign.MY-DOMAIN-INFO-HERE.com/t/r/s/itbtjh/" method="post" class="rssEmailSub"> <input id="fieldEmail" name="cm-itbtjh-itbtjh" type="email" required /> <button type="submit">Subscribe</button> </form>
Where "MY-DOMAIN-INFO-HERE" is replaced with the correct domain name.
This form works, it allows me to enter an email address, submit the form, and have that email added to the subscriber list.
But Chrome warns me about submitting the data from a secure server to an insecure server.
After searching around, I found this article:
specifically this line:
To create a secure, encrypted form you can manually change the form action to use https:// instead of http://
So I changed it to https:// and attempted to fill out the form, and got a page that could potentially be scary to readers. That page had the following:
Your connection is not private Attackers might be trying to steal your information from campaign.quantumdynamix.net (for example, passwords, messages, or credit cards).
Now, since this is a website for a financial institution, a warning like this just won't do. And neither would messages about insecure form submissions.
Does that article need updated? Is there something else that needs done for secure connections?
Thanks for getting in touch! You might try instead using your *.createsend.com address in your form code:
Our SSL support isn't available for custom domains because we need to own the domain we set up the SSL certificate, but we can offer it for *.createsend.com URLs.
Give this a try and see if it works better for you! If you still have issues, be sure to get in touch with us at support. :)
Thanks. That was what I needed to fix it. :)