I am trying to secure an admin domain for a group of websites, each with their own domain, which have not yet been secured using ssl.
Each of these sites should be able to ask for resources from any other in the group, which are currently all serving http. When I secure the admin domain, I get mixed content warnings in chrome, and resources such as css and images are not being loaded from http.
Is there any way of turning off this default behaviour, or do I need to secure everything all at once?
The mixed content blocking behavior is implemented in the web browser, not the server. So you could turn it off in your own web browser if you like, but other people who use the site would still have mixed content blocking enabled by their own browsers.