Redmine

We have implemented Redmine 4.0.4 recently. During VAPT security team came with an observation "Sensitive information transmitted in clear text" Earlier we used to use SAML plugin for version 2.6 which was not giving this problem.

Need guidance on resolving this.

Thanks

Amit Mehendale