Stop MailChimp Forms Breaking Your SSL

MailChimp Logo

We recently re-designed this site, and when we did we also decided to run the site entirely over SSL.

Actually moving our site to SSL was relatively simple, but we’ve found that many web services still struggle to work correctly with SSL.

For example, we found that MailChimp, Feedburner, Amazon, dlvr.it and other RSS services didn’t seem to like any feeds served over SSL. We had to tweak our .htaccess file so that our RSS feed doesn’t use SSL.

This week we found that our MailChimp sign-up form was breaking our SSL In Chrome.

You can see our newsletter form in the sidebar of this site:

media_1409319019134.png

It took some testing to solve the problem but we managed to do it.

Inside the default MailChimp form we had code that looked like this:

{codecitation}<form action=”http://ostraining.us1.list-manage1.com/subscribe/post?u=c4fe34ed80790dd773846d4e1&amp;id=e030bfa9b8{/codecitation}

The obvious solution was to remove the http:// from the URL and replace it with // so that it reads like this:

{codecitation}<form action=”//ostraining.us1.list-manage1.com/subscribe/post?u=c4fe34ed80790dd773846d4e1&amp;id=e030bfa9b8{/codecitation}

However, by itself that wasn’t enough. By experimenting, we realized that we needed to change the MailChimp URL also. We had to change list-manage1.com to list-manage.com.

Here’s the final MailChimp URL that works behind an SSL in all browsers:

{codecitation}<form action=”//ostraining.us1.list-manage.com/subscribe/post?u=c4fe34ed80790dd773846d4e1&amp;id=e030bfa9b8{/codecitation}

Update: replace // with https:// so that the form is always secure.

I expect we’ll run into more SSL problems as a relatively early adopter. We’ll try to post solutions as we find them and hopefully services like MailChimp will adapt to make SSL use easier.

Instructor

  • Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.

0 0 votes
Blog Rating
Subscribe
Notify of
25 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Hbrow

Thanks a lot. This was becoming a headache.

Nick

You’re very welcome, Hbrow! Glad it was helpful.

hans2103

Same thing here… thank you for this easy solution

Christopher Esplin

Oh yes. One thousand times yes.
This just saved me hours of fussing.

Zoltan F

Thanks so much. Very useful info. Saved me a lot of time. Too bad Mailchimp didn’t have this on their own website, as they should have.

Angel Diaz

Thanks guys, you made my day 🙂

Shawn

This worked perfectly. I just switched over to SSL on my site and the Mailchimp form was throwing up an error. Problem resolved.

Evan R. Murphy

Exactly the fix I needed. Thank you!

AJ

Awesome, thanks for the fix 😉

Ben Sibley

Thanks for sharing this!
One more tip to add: if your site uses the ‘www’ subdomain, you have to remove ‘www’ from the URL or you will still receive an insecure connection error when the form is submitted.

Nick

Thanks for the tip, Ben!

FreshDesignElements

Just wat I was looking for. A simple solution. Thanks so much. You rule!

Patrick

HI, thanks for the guide but where i supposed to changing it with wordpress?

Nick

Hi Patrick,
Wherever the code is being used. If it’s in a plugin, you’ll have to contact the plugin’s developer to report the issue and the fix.
Hope this helps!

alonzop

Thanks this was very helpful!

Nick

Glad it helped, Alonzo! 🙂

joakland

Joining the chorus of thanks here. This was a big help.

Nick

Cheers joakland 🙂

Joe Fletcher

It’s now considered best practice to specify https:// instead of a “protocol relative” //. A few reasons: specifying https forces https always, which is more secure, and if it works (it does), might as well use it even on non-https websites. If you use //, it’s possible the insecure version http:// can be used… and that’s exactly what happened in my case before I switched to specifying https://

Nick

Good point, Joe! I added a note to the article.
Cheers,

Martin

Thanx a lot 🙂

Amiga

Great tutorial!! Thanks

KP

Helpful! Thank you for explaining and updating.

Chajoe

Still works, thx so much!

Ahmed AL-NUAIMI

Hi, i’m still experiencing the same issue over my SSL site. the URL that was generated from mailchimp is https:// and has the “1” removed from the URL. 

any suggestions?

thanks

25
0
Would love your thoughts, please comment.x
()
x