ssl warnings on https login post

We need to get the wildcard ssl cert setup so that the login does not present the user with the big red warning screen about the cert not being vaild. 

For now, unfortunately, we will have to have a work around and post to the non ssl _session endpoint. 
