When renewing our SSL certificate today I discovered that all our site's https pages do not displaying the secure padlock symbol because resources on the page are from an insecure source, namely xbanners and banners managed by xTreme_Gear.
Sure enough all xbanners have an http:// path on an https:// page. Any solution I can think of is made more complex by our use of MAXcdn, so all the images have a url like
http://cdn.mydomain.com/
Any thoughts?
