Even if your site is browsed over HTTPS, it can be insecure if any assets (images, scripts, styles) are transferred over an HTTP connection. This will trigger a “mixed content” warning in the browser that many will brush off as unimportant. The warning can be a major issue for some sites, though, and I want to explain why.
Jetpack’s Photon service doesn’t like it when image assets are served over SSL. I took some time to dig in to the issue and coded a quick workaround to enable Photon on a site locked down to serve all assets over SSL.