The file favicon.ico is being served over http when I have set everything to be served over https.

[ghost]

Welcome to Ghost's GitHub repo! 👋🎉

Do you need help or have a question? Please come chat in Slack: https://ghost.org/slack 👫. Found a bug? Please fill out the sections below... thank you 👍

Issue Summary

My blog is self-hosted using an https site and I am getting the following warning that is in Chrome. I've replaced my actual domain with in the error message for my personal privacy.

/ghost/#/signin:1 Mixed Content: The page at 'https:///ghost/#/signin' was loaded over HTTPS, but requested an insecure image 'http:///content/images/2018/02/favicon.ico?t=1518474189048'. This content should also be served over HTTPS.

Steps to Reproduce

1. Configure NGINX as an SSL proxy to ghost
2. Browse to your personal ghost website /admin and login. After logging in, the lock icon on the browser changes to indicate insecure. Chrome throws the error listed above indicating that favicon.ico is being loaded over http (not https), despite the rest of the content being served as https.

Any other info e.g. Why do you consider this to be a bug? What did you expect to happen instead?
I would expect favicon.ico to be served over https like all of the rest of the data.

Technical details:

• Ghost Version: 1.21.1
• Node Version: 6.11.2
• Browser/OS: FireFox and Chrome on OpenBSD
• Database: sqlite

[kevinansfield]

@mattschwartz03 you need to adjust Ghost's url config value to also be https. If you need support please use our Slack channel rather than opening GitHub issues - we use GitHub solely for bug tracking and on-going feature work and do not offer support here, thanks!