By default, the Omnilert will serve the script from an HTTP (non-secure) address.
What if your website uses HTTPS? Users would get warnings about "mixed content" and that's not good.
The answer is simple: Just change the "http" in the script URL to "https".
The original script serves the Widget via normal HTTP, with no SSL.