apache https issue with credentials being passed insecurely notification via firefox

Hi, Having set up a website to redirect all connections to https versions of the website firefox gives the following error when trying to log into one of the pages.  

Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.

What might cause this and how do I go about fixing it so that the information is sent securely?
LVL 1
KeraDanNagaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

fosiul01Commented:
I saw this problem happen if you have picture in your page,

and then when you go to http to https

if the the link of images is not https, it will show that error.


example : if you have a picture which as has path : http://yourdomaoni.com/images/pic1.gif

now when its goes to http to https,

when ssl read the whole page, it sees there is a link which has http://
hence its though the error

its page design issue.

0
bswinnertonCommented:
This is usually because part of the website is unencrypted. For example you may be calling an unsecured javascript or include.

You can usually see what it is in firefox by clicking on the blue part of the favicon and clicking more information. From there you can click the media tab and see what doesn't have https:// before it to see where your leak is.

If you'd like you can post the address of the website and we'll have a look.
0
bswinnertonCommented:
As fosiul01 said, make sure that you're using relative links and not absolute links. If you use relative links e.g: images/navbar.png instead of absolute links: http://mysite.com/navbar.png
0
KeraDanNagaAuthor Commented:
Hmmm the webpage is using relative links when the redirect line is not in the conf, but using absolute links when the redirect line is in the conf.  There is java script and it may be a function calling the section that uses the absolute links.  Any ideas?
0
bswinnertonCommented:
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Apache Web Server

From novice to tech pro — start learning today.