Ghost - your connection to this site is not fully secure

Ghost - your connection to this site is not fully secure

Also, attacker might be able to see the images you're looking at on this site and trick you by modifying them.

Also, you must construct additional (HTTPS) pylons.

Trick me, you say ? Sounds like something like an evil clown might try to do:

Scary right? Upon closer inspection, it does look like Ghost/Gatsby are rendering image elements with http:// instead of https://. That's not good.

HTTP on an HTTPS site: this is no bueno.

I decided to check some of Ghost/Gatsby configs, and did find that the .ghost.json config is indeed specifying http:// backend URLs:

The Ghost Kubernetes deployment is also specifying http://:

Switched Deployment from http to https

Changing .ghost.json did not fix the issue, images still appear on Gastby with the http:// source for the Ghost backend.

Changing my Deployment manifest, however, did work!

No more borked https:// padlock !!

Solution:

  • Switch Deployment.spec.template.spec.containers[ghost].env[url].value from HTTP (http://mybackend.callbackinsanity.com) to HTTPS (https://mybackend.callbackinsanity.com),
  • Apply deployment manifest, in my case kubectl describe -f ghost/manifest.yml.
  • Check on the Kubernetes deployment status kubectl describe -f ghost/manifest.yml.
  • After the Ghost  deployment is complete in Kubernetes (the backend), trigger a Gatsby rebuild on the front-end (Netlify in this case).
  • Force refresh of site in Chrome Cmd + Shift + R.
  • ...
  • Profit !