Stop MailChimp Forms Breaking Your SSL

MailChimp Logo

We recently re-designed this site, and when we did we also decided to run the site entirely over SSL.

Actually moving our site to SSL was relatively simple, but we’ve found that many web services still struggle to work correctly with SSL.

For example, we found that MailChimp, Feedburner, Amazon, dlvr.it and other RSS services didn’t seem to like any feeds served over SSL. We had to tweak our .htaccess file so that our RSS feed doesn’t use SSL.

This week we found that our MailChimp sign-up form was breaking our SSL In Chrome.

You can see our newsletter form in the sidebar of this site:

media_1409319019134.png

It took some testing to solve the problem but we managed to do it.

Inside the default MailChimp form we had code that looked like this:

<form action="http://ostraining.us1.list-manage1.com/subscribe/post?u=c4fe34ed80790dd773846d4e1&amp;id=e030bfa9b8

The obvious solution was to remove the http:// from the URL and replace it with // so that it reads like this:

<form action="//ostraining.us1.list-manage1.com/subscribe/post?u=c4fe34ed80790dd773846d4e1&amp;id=e030bfa9b8

However, by itself that wasn’t enough. By experimenting, we realized that we needed to change the MailChimp URL also. We had to change list-manage1.com to list-manage.com.

Here’s the final MailChimp URL that works behind an SSL in all browsers:

<form action="//ostraining.us1.list-manage.com/subscribe/post?u=c4fe34ed80790dd773846d4e1&amp;id=e030bfa9b8

Update: replace // with https:// so that the form is always secure.

I expect we’ll run into more SSL problems as a relatively early adopter. We’ll try to post solutions as we find them and hopefully services like MailChimp will adapt to make SSL use easier.

Author

  • Steve Burge

    Steve is the founder of OSTraining. Originally from the UK, he now lives in Sarasota in the USA. Steve's work straddles the line between teaching and web development.

    View all posts
0 0 votes
Article Rating
Subscribe
Notify of
guest

25 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Hbrow
Hbrow
10 years ago

Thanks a lot. This was becoming a headache.

Nick Savov
10 years ago
Reply to  Hbrow

You’re very welcome, Hbrow! Glad it was helpful.

hans2103
hans2103
10 years ago

Same thing here… thank you for this easy solution

Christopher Esplin
Christopher Esplin
10 years ago

Oh yes. One thousand times yes.
This just saved me hours of fussing.

Zoltan F
Zoltan F
10 years ago

Thanks so much. Very useful info. Saved me a lot of time. Too bad Mailchimp didn’t have this on their own website, as they should have.

Angel Diaz
Angel Diaz
9 years ago

Thanks guys, you made my day 🙂

Shawn
Shawn
9 years ago

This worked perfectly. I just switched over to SSL on my site and the Mailchimp form was throwing up an error. Problem resolved.

Evan R. Murphy
Evan R. Murphy
9 years ago

Exactly the fix I needed. Thank you!

AJ
AJ
9 years ago

Awesome, thanks for the fix 😉

Ben Sibley
Ben Sibley
9 years ago

Thanks for sharing this!
One more tip to add: if your site uses the ‘www’ subdomain, you have to remove ‘www’ from the URL or you will still receive an insecure connection error when the form is submitted.

Nick Savov
9 years ago
Reply to  Ben Sibley

Thanks for the tip, Ben!

FreshDesignElements
FreshDesignElements
8 years ago

Just wat I was looking for. A simple solution. Thanks so much. You rule!

Patrick
Patrick
8 years ago

HI, thanks for the guide but where i supposed to changing it with wordpress?

Nick Savov
8 years ago
Reply to  Patrick

Hi Patrick,
Wherever the code is being used. If it’s in a plugin, you’ll have to contact the plugin’s developer to report the issue and the fix.
Hope this helps!

alonzop
alonzop
8 years ago

Thanks this was very helpful!

Nick Savov
8 years ago
Reply to  alonzop

Glad it helped, Alonzo! 🙂

joakland
joakland
8 years ago

Joining the chorus of thanks here. This was a big help.

Nick Savov
8 years ago
Reply to  joakland

Cheers joakland 🙂

Joe Fletcher
Joe Fletcher
8 years ago

It’s now considered best practice to specify https:// instead of a “protocol relative” //. A few reasons: specifying https forces https always, which is more secure, and if it works (it does), might as well use it even on non-https websites. If you use //, it’s possible the insecure version http:// can be used… and that’s exactly what happened in my case before I switched to specifying https://

Nick Savov
8 years ago
Reply to  Joe Fletcher

Good point, Joe! I added a note to the article.
Cheers,

Martin
Martin
6 years ago

Thanx a lot 🙂

Amiga
Amiga
6 years ago

Great tutorial!! Thanks

KP
KP
6 years ago

Helpful! Thank you for explaining and updating.

Chajoe
Chajoe
6 years ago

Still works, thx so much!

Ahmed AL-NUAIMI
Ahmed AL-NUAIMI
3 years ago

Hi, i’m still experiencing the same issue over my SSL site. the URL that was generated from mailchimp is https:// and has the “1” removed from the URL. 

any suggestions?

thanks

25
0
Would love your thoughts, please comment.x
()
x