the security functions of wordpress are still poor, but maybe someone has a solution for that problem:
I have a wordpress blog at some plain HTTP URL as usual,
lets say http://aaa.aa (which is a virtual server).
For security reasons, I do the administration over the HTTPS port
like https://bbb.bb (which is the regular non-virtual name of the server).
In order to get this working, I need to set both WP_SITEURL and WP_HOME in the https server's config file, but then all those pings and trackbacks contain the https URLs. Did not yet find a way to configure them separately.
Please add an option to allow hard setting the ping/trackback URL.
It is really time to become more security aware and to support administration of a blog over https.