My company uses SalesForce and ExactTarget. Our sales people are getting security warnings because the ExactTarget app and or Salesforce renders an iframe in HTTP instead of HTTPS. We've checked the ssl settings in exactTarget and it is turned on. If you request the url of the iframe, exacttarget forces you back to ssl so I think exact target is set up correctly.
I cannot for the life of me figure out if there are any settings for ExactTarget within salesforce.
(Note: I am just a lowly software developer at our company and as such, have no idea how to use the giant piece software that is SalesForce.)
The answer appears to be that the original configuration of exact target was done with a non-ssl version of the url. No one noticed until browsers all started blocking this insecure content like they should have been doing all along...
Following the steps below and configuring the URL in salesforce with HTTPS instead of HTTP was all that was needed. (Why no one at salesforce or exacttarget support could suggest how to change this url is still a mystery)