• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 380
  • Last Modified:

Apache - SSL

I have recently enabled SSL security for my Apache web server. I am using weblogic as my app server. I didnt install any ssl certificate on my app server. Whenever I access my application, the following changes happen.

1) I hit the https URL. It reaches webserver.  - As a sign of encryption, the background of the url changes to pale yellow.
2) After login webserver handsover the request to the app server.  - Here the background changes to default white. Does it mean that the encrytion is topping when the request reaching the application server?

I am in an assumption that if web server is https enabled, all the requests/responses flowing through it will be encrypted nomatter how many application-servers or database-servers or content servers involved in the transaction.
Am I right or wrong? Plesae clarify!!!!
0
Raz
Asked:
Raz
  • 2
1 Solution
 
giltjrCommented:
Does the URL change to http?  Or does it stay https?

Are all of your href's relative or absolute?
0
 
RazAuthor Commented:
all the urls have been changed to https. Everything is working fine here. The url remains https even after the request reaches app server. But the background color of the url changes back to white. Thats what concerns me.
0
 
giltjrCommented:
As long as the URL says https and all of your hrefs are relative your SSL'ed.

Your browser should also show you if it is encrypted (SSL'ed) or not by showing a lock.

Now some browsers (like Firefox) may show a warning along with the lock if there is mixed contents (SSL'ed and non-SSL'ed).  This means some of the content on the page was retrieved without SSL.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now