SitePoint Sponsor

User Tag List

Results 1 to 14 of 14
  1. #1
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)

    SSL not validating when browsing from http:// to https://

    Good day,

    We have an issue with our SSL not validating.
    It says there are insecure elements on the page, which is not the case since a refresh then shows it validates.
    When browsing on http:// and going to or redirecting to https:// causes this problem.
    When browsing on https:// already and going to another https:// page doesn't cause this problem.

    Any ideas why?
    We are stumped.

    All the best
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  2. #2
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    4,813
    Mentioned
    141 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Contrid View Post
    When browsing on http:// and going to or redirecting to https:// causes this problem.

    Can you elaborate on that part? Are you using htaccess to handle the redirection? If so, can you provide the Rule you are using? Are you using something else?
    Be sure to congratulate xMog on earning April's Member of the Month
    Go ahead and blame me, I still won't lose any sleep over it
    My Blog | My Technical Notes

  3. #3
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cpradio View Post
    Can you elaborate on that part? Are you using htaccess to handle the redirection? If so, can you provide the Rule you are using? Are you using something else?
    I'm currently using PHP header location but I've tried .htaccess mod_rewrite as well.
    Is there a specific header needed? 301 maybe?
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  4. #4
    It's all Geek to me silver trophybronze trophy
    ralph.m's Avatar
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    23,598
    Mentioned
    411 Post(s)
    Tagged
    7 Thread(s)
    Do you have links to any assets on the page (such as images) that start with http://? That's often the cause of problems.

  5. #5
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ralph.m View Post
    Do you have links to any assets on the page (such as images) that start with http://? That's often the cause of problems.
    Nope, no insecure elements/resources with http:// . All resources are https://
    The SSL shows insecure and refreshing the page makes it validate and work as expected.
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  6. #6
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    I can show you the page but I'm not sure if I'm supposed to paste links here
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  7. #7
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    16,457
    Mentioned
    160 Post(s)
    Tagged
    1 Thread(s)
    If it's your Sig cart, my wild guess is the search form action attribute.

    If the site isn't "family friendly" you could PM to either of us. (though I'm going offline to get some sleep now)

  8. #8
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    4,813
    Mentioned
    141 Post(s)
    Tagged
    0 Thread(s)
    I agree with Mittineague, and I also feel this is a case where providing the link will help you get a better response (otherwise, we can guess till were blue in the face).

    If it is family appropriate, feel free to provide it (if you don't mind everyone will see it), otherwise, feel free to PM a few of us it and we'll take a closer look.
    Be sure to congratulate xMog on earning April's Member of the Month
    Go ahead and blame me, I still won't lose any sleep over it
    My Blog | My Technical Notes

  9. #9
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Thank you for your responses, guys.

    It is the link in my signature: http://tribulant.com

    From the home page, add something to the cart by clicking "Buy It Now" button on any of the products in the slider.
    You'll see it adds, redirects to the cart which is on https:// (SSL) but it doesn't validate. Refresh the page and then it validates.

    With something in your cart, go to the home page again which is http:// (non-SSL).
    Then click the "My Shopping Cart" link in the header to go to https:// (SSL) cart page, it doesn't validate.
    Then clicking that link again or refreshing, it works.

    We've used SSL on many sites and never seen this problem.
    It also used to work fine. I'm just stumped, that's why I'm posting here because there are very savvy and clever guys here which could spot something which we cannot.
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  10. #10
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Basically from the message above... going from https:// to https:// works fine.
    But going from http:// to https:// doesn't... it doesn't validate and only validates with a refresh.
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  11. #11
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Mittineague View Post
    If it's your Sig cart, my wild guess is the search form action attribute.

    If the site isn't "family friendly" you could PM to either of us. (though I'm going offline to get some sleep now)
    Yes, it was the search form action attribute.
    I changed it to https:// and it seems to have fixed the problem.

    Never seen this before.
    I assume it's not the actual attribute but rather something that the Google CSE script running on that form does with it as the document has finished loading?

    Either way, thanks for your help, I think it is sorted now
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  12. #12
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Maybe I spoke too soon, the problem is not resolved. I may have had cache
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software

  13. #13
    Hosting Team Leader silver trophybronze trophy
    cpradio's Avatar
    Join Date
    Jun 2002
    Location
    Ohio
    Posts
    4,813
    Mentioned
    141 Post(s)
    Tagged
    0 Thread(s)
    Not sure if this makes a difference but your fonts.css uses http://themes.googleusercontent.com for the Open Sans url. In fact that seems to be what it is complaining about. Here is what I have in Chrome Developer Tools:
    InsecureContent.PNG
    Be sure to congratulate xMog on earning April's Member of the Month
    Go ahead and blame me, I still won't lose any sleep over it
    My Blog | My Technical Notes

  14. #14
    Working on it... Contrid's Avatar
    Join Date
    Apr 2006
    Location
    Online
    Posts
    955
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cpradio View Post
    Not sure if this makes a difference but your fonts.css uses http://themes.googleusercontent.com for the Open Sans url. In fact that seems to be what it is complaining about. Here is what I have in Chrome Developer Tools:
    InsecureContent.PNG
    Yes, you are right, thank you for that. That solved the problem.
    What a hassle... I never bothered to look into the CSS files to see the sources they are loading.
    Thanks again man!
    And so I got lost in code...completely asphyxiated by it...

    Premium WordPress plugins - Tribulant Software


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •