?
Solved

SSL Problem

Posted on 2011-09-29
3
Medium Priority
?
635 Views
Last Modified: 2012-05-12
We have a form on a secure server and the URL is: https://www.antiguayachtshow.com/register.php

Some of our visitors encounter the following pop up error message:
You have requested an encypted page that contains some unencrypted information.
Information that you see or enter on this page could easily be read by a third party.

The only unencrypted information that I can think is included is the captcha generator but being a non technical person, I could we be wrong.

Does anyone have any ideas how we can go about solving this problem?
0
Comment
Question by:canu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Accepted Solution

by:
artsec earned 1200 total points
ID: 36818989
Hello,

This is a common issue when you implement SSL certificate. This error is produced by Internet Explorer / Google Chrome when content (e.g., an image or java script) on a secure website is being loaded through a non-secure source. When viewing the page's source code, you will notice that content on the site is being loaded through "http://" rather than "https://".

When users with Internet Explorer /  Google Chrome access the website, they will get the warning "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?"

To resolve the problem, you will need to replace the standard http references on your website so that objects are loaded instead through https. Any content that cannot be loaded securely should not be loaded to that website if you do not want users to experience the error.

Though Firefox does not display an error, it will show a red line through the standard golden lock icon, showing that the page is displaying secure and non-secure content.

Examples:
This image produce warning message :<img src="http://www.DOMAIN.com/images/image.jpg" /> when you call it from a page over SSL. You need to modified as follow:<img src="https://www.DOMAIN.com/images/image.jpg" />
 
0
 
LVL 6

Assisted Solution

by:mattjp88
mattjp88 earned 800 total points
ID: 36890161
artsec explained it really well.  The only file I see on the page that is being loaded from a non-secure domain is from captchator.com.  Doing some checking about captchator.com, it doesn't seem they have an SSL version of their API, so my may need to either setup a proxy or switch to a different captcha system to avoid the warning.

-Matt
0
 

Author Closing Comment

by:canu
ID: 36891739
Thanks a million for your detailed responses, it was much appreciated. I have referred this back to the developer so hopefully this will be resolved sooner rather than later. Thanks again!
0

Featured Post

Enroll in September's Course of the Month

This month’s featured course covers 16 hours of training in installation, management, and deployment of VMware vSphere virtualization environments. It's free for Premium Members, Team Accounts, and Qualified Experts!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out the latest tech news, community articles, and expert highlights in August's newsletter.
What's worse than having your data encrypted by ransomware? Getting attacked by a so-called "wiper," which simply destroys the data and offers you no hope of ever seeing it again.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question