There are some situations where you may want to embed content in the administrator area of your Joomla website. More so you may want that content coming from a secure source over SSL e.g. https:.
There is a little trick in regards to how to do it in a dynamic fashion to be able pull in the content properly without issues.
Instead of using the full URL to embed the content, use the dynamic version instead by not including the http or the https.
For example, the URL https://www.thesslstore.com/
The URL should be embedded as //www.thesslstore.com
This will allow the browser to dynamically pull in either the http or the https depending on the session that the browser is set at.
If your Joomla site is protected by a SSL certificate, e.g. https://mysite.com, and you want to also embed content on the site and make that secure too, the embedding source will have to be also served from a secure location and delivered by SSL.
Google provides resources such as Google Ads are served this way to ensure that ads are either served securely or insecurely depending on the sites requirements.