Solved

SSL Problem

Posted on 2011-09-29
3
631 Views
Last Modified: 2012-05-12
We have a form on a secure server and the URL is: https://www.antiguayachtshow.com/register.php

Some of our visitors encounter the following pop up error message:
You have requested an encypted page that contains some unencrypted information.
Information that you see or enter on this page could easily be read by a third party.

The only unencrypted information that I can think is included is the captcha generator but being a non technical person, I could we be wrong.

Does anyone have any ideas how we can go about solving this problem?
0
Comment
Question by:canu
3 Comments
 
LVL 4

Accepted Solution

by:
artsec earned 300 total points
ID: 36818989
Hello,

This is a common issue when you implement SSL certificate. This error is produced by Internet Explorer / Google Chrome when content (e.g., an image or java script) on a secure website is being loaded through a non-secure source. When viewing the page's source code, you will notice that content on the site is being loaded through "http://" rather than "https://".

When users with Internet Explorer /  Google Chrome access the website, they will get the warning "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?"

To resolve the problem, you will need to replace the standard http references on your website so that objects are loaded instead through https. Any content that cannot be loaded securely should not be loaded to that website if you do not want users to experience the error.

Though Firefox does not display an error, it will show a red line through the standard golden lock icon, showing that the page is displaying secure and non-secure content.

Examples:
This image produce warning message :<img src="http://www.DOMAIN.com/images/image.jpg" /> when you call it from a page over SSL. You need to modified as follow:<img src="https://www.DOMAIN.com/images/image.jpg" />
 
0
 
LVL 6

Assisted Solution

by:mattjp88
mattjp88 earned 200 total points
ID: 36890161
artsec explained it really well.  The only file I see on the page that is being loaded from a non-secure domain is from captchator.com.  Doing some checking about captchator.com, it doesn't seem they have an SSL version of their API, so my may need to either setup a proxy or switch to a different captcha system to avoid the warning.

-Matt
0
 

Author Closing Comment

by:canu
ID: 36891739
Thanks a million for your detailed responses, it was much appreciated. I have referred this back to the developer so hopefully this will be resolved sooner rather than later. Thanks again!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question