konradjk / exac_browser

Browser for ExAC consortium data
http://exac.broadinstitute.org
MIT License

Errors when connecting over HTTPS #345

Closed abought closed 4 years ago

abought commented 6 years ago

Summary

I am unable to connect to ExAC over a secure connection (HTTPS). Insecure connections work normally.

Scope/impact

As more websites (like GitHub Pages) move to HTTPS, this can lead to "mixed content" errors if a page uses the API. See devtools errors on this page for an example of the request being blocked.

Mixed Content: The page at 'https://statgen.github.io/locuszoom/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://exac.broadinstitute.org/api/constraint'. This request has been blocked; the content must be served over HTTPS

Steps to reproduce

Occurs on several machines, various platforms.

curl http://exac.broadinstitute.org/ returns a response immediately.

But if I try a secure connection, I get the following error after ~1 min:

$ curl https://exac.broadinstitute.org/ -v
*   Trying 35.185.97.150...
* TCP_NODELAY set
* Connected to exac.broadinstitute.org (35.185.97.150) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to exac.broadinstitute.org:443 
* stopped the pause stream!
* Closing connection 0
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to exac.broadinstitute.org:443
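An added example, not part of the original issue or of the exac_browser project: a Python triage helper that reads `curl -v` output like the trace above and reports the last TLS handshake stage that was logged. The function name `triage`, the stage labels and the hint texts are assumptions made for this illustration.

```python
import re

# Handshake milestones in the order curl -v logs them (OpenSSL/LibreSSL
# backends). Stage names and hints are labels made up for this example.
STAGES = [
    ("tcp_connected", r"^\* Connected to \S+ \(\S+\) port \d+",
     "TCP is open but no ClientHello was logged"),
    ("client_hello_sent", r"\(OUT\), TLS handshake, Client hello",
     "nothing answered the ClientHello; check that a TLS listener or "
     "TLS-terminating proxy is actually bound to this port"),
    ("server_hello_received", r"\(IN\), TLS handshake, Server hello",
     "the server speaks TLS; look at certificate or cipher negotiation"),
    ("handshake_complete", r"^\* SSL connection using ",
     "TLS is established; any remaining error is at the HTTP layer"),
]
CURL_ERROR = re.compile(r"^curl: \((\d+)\) (.+)$")

# Lines copied from the trace in the issue above (trimmed to the relevant ones).
ISSUE_TRACE = """\
* Connected to exac.broadinstitute.org (35.185.97.150) port 443 (#0)
* ALPN, offering h2
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to exac.broadinstitute.org:443
* Closing connection 0
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to exac.broadinstitute.org:443
"""


def triage(trace):
    """Return the furthest handshake stage reached, curl's exit error and a hint."""
    stage, hint = None, "no TCP connection was logged; check DNS, routing, firewall"
    error = None
    nxt = 0  # stages must appear in order, so only look forward
    for line in (raw.rstrip() for raw in trace.splitlines()):
        for i in range(nxt, len(STAGES)):
            name, pattern, text = STAGES[i]
            if re.search(pattern, line):
                stage, hint, nxt = name, text, i + 1
                break
        m = CURL_ERROR.match(line)
        if m:
            error = (int(m.group(1)), m.group(2))
    return {"stage": stage, "error": error, "hint": hint}


if __name__ == "__main__":
    print(triage(ISSUE_TRACE))
```

For the trace in this issue the result is `client_hello_sent` with curl error 35: port 443 accepted the TCP connection, but no Server hello was ever logged.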