SSL iframe is embedded on other web site

Question

Iframe from domain with SSLcertificate will be embedded on other site (foo.com).

1. Must foo.com have SSL cerificate?
2. If foo.com has SSL certificate, will it be an security error? foo.com has SSL certificate for foo.com, but iframe domain has other SSL certificate.
3. If foo.com hasn't got SSL certificate, will it be an security error?

Answer 1

The best way to look at an iFrame is to see it as almost a separate browser. In the case of foo.com not being SSL but the iFramed site being SSL you will not get any errors.

If you switch this around, where foo.com has SSL and the IFramed site doesn't, you can get a security warning about mixed-content from the browser.

Answer 2

1. No.
2. You will only get a security error if the embedding site uses SSL, but the iFramed one does not. Whether the sites use different certificates or not, that does not matter.
3. No.