I wanted this blog to be served over HTTPS for now, but I noticed that there was some HTTP content left after I set up the web server, which makes some browsers feel insecure.
The culprits were Twitter, Google Fonts and Google Search. This is the list of URLs I had to change to
https://. There may be more if you use other features such as Delicious or Google Plus.
Also don’t forget to have your
_config.yml be HTTPS.