• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 835
  • Last Modified:

Internet explorer refuses secure links HTTPS

Hi dear Experts,

We have a website to uses SSL for some links, but as soon as you click them in any version of internet explorer, IE throws an error 'Page not found'

Obviously, this is pure pain. Can anyone know how to solve this problem server side ?

WE are scripted in Coldfusion 9

MAny thanks !
Adam
0
adam1h
Asked:
adam1h
  • 5
  • 2
  • 2
  • +1
1 Solution
 
Martin TarlinkNetwork Systems AdministratorCommented:
Could you provide more information?

Do you host that site?
If yes, on what web server  Apache, IIS, Cherokee....?

SSL setup is done on web server side and in most cases it is related to the server configuration .
You can open server log and if you host it on linux #tail -f your_log_file
and next open IE and open your page, you will see what is going on.
0
 
adam1hAuthor Commented:
Hi Tarlink,

Thanks for your reply. We are on a shared server, I reckon IIS, SSL certificate is installed under a Plesk console, and I don't know much more than that.
`
Sorry this wasn't much help

Adam
0
 
Manjunath SulladTechnical ConsultantCommented:
Are you able to open this website in other browsers ?

If No - You need check the application link is working or not.


If you are able to acess in other browsers,

1. Check the IE add-ons and disable add-ons.

2 .If you are accessing via proxy, By pass proxy settings,

3. Check the compatible view settings in IE.

4. Add website to Trusted site list.

5. Disable / Enable popup blocker

6. Check the Java version.

7. Check the supporing plugins.

8. Try to reset Internet explorer settings and check.

_ Manjunath Sullad
0
WEBINAR: 10 Easy Ways to Lose a Password

Join us on June 27th at 8 am PDT to learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees. We'll cover the importance of multi-factor authentication and how these solutions can better protect your business!

 
adam1hAuthor Commented:
Hi Manjunath,
Thanks for your reply. Yes we can see it from any browser, and same in IE, we can see it.

But when we hit a page under HTTPS, then IE doesn't want to display it. We are looking for a solution that forces IE to act and read HTTPS without any human intervention.

A coldfusion script that could apply to IE 6, 7 , 8 and avoid this hassle

Thanks !
Adam
0
 
Martin TarlinkNetwork Systems AdministratorCommented:
There is always problem with IE and developing :)
It could be also some error in the code.
The best way will be to look in to logs
I am not familiar with Plesk but I found this page so maybe yo will be able to dig in to and see what logs will tell you http://serverfault.com/questions/472008/plesk-9-5-access-logs-on-winows-server

Install http://getfirebug.com/firebuglite for IE and try also look for any errors
0
 
adam1hAuthor Commented:
Hey Tarlink,

yes indeed, IE is a pure pile of headache :)

Our website does work in all browsers, but it is only not working when we use HTTPS , here is a link, it says 'Page cannot be displayed'

https://www.joe-cool.co.uk/index.cfm

The code is fine. If a workaround this can be done via application.cfc then I'll take it.

THANKS !
Adam
0
 
Rodrigo MuneraSr. Software EngineerCommented:
Just loaded the site and it seems to work fine on IE 11

I also noticed that you're forcing SSL on the clients (attempted to load the page with http and was redirected to https).

Make sure you're not creating an infinite loop with your redirect rules, more often than not, these will manifest themselves as "page not found" messages, though, sometimes the browser will actually tell you "Too many redirects".

if you're using a version of cgi.https to force your SSL, build in some infinite loop breaks, like a counter in the session scope or in a cookie. The error you're seeing could be the client refusing multiple redirect instructions to the same page.
0
 
adam1hAuthor Commented:
Hi Rodrigo,

That's an interresting one. We do force HTTPS using our application.cfc

Here is a copy of what we use :

<!--- httpsCheck --->
	<cffunction  name="httpsCheck" access="public" returntype="void"	 output="yes" description="check if it's https protocol and redirect if required">
		
		<!--- force user to use https secure server path --->
		<cfif cgi.server_port NEQ "xxx">
			<cfset urlNow = "https://" & "#CGI.SERVER_NAME#" & "#CGI.Script_Name#" &  "?" & "#CGI.Query_String#">
			<cfoutput><meta http-equiv="Refresh" content="0; url=#urlNow#" /></cfoutput>
		</cfif>
    </cffunction>

Open in new window


Do you think we should operate another way ? We thought that forcing HTTPS was more secure...

Adam
0
 
Rodrigo MuneraSr. Software EngineerCommented:
You can use
<cfif cgi.https NEQ "on">

Open in new window

Instead of
<cfif cgi.server_port NEQ "xxx">

Open in new window

But they both probably work using the same principle in the back-end.

I would do something like
		<cfif cgi.https EQ "on"><!--- switched the logic to avoid confusing double-negatives ---->
			<cfset session.httpCheckCount = 0><!--- here we reset the count because SSL is on --->
		<cfelse>
			<cfset urlNow = "https://" & "#CGI.SERVER_NAME#" & "#CGI.Script_Name#" &  "?" & "#CGI.Query_String#">
			<cfif session.httpCheckCount LTE 1><!--- here we ensure we're not making too many redirects --->
				<cfset session.httpCheckCount = session.httpCheckCount+1><!--- here we increase the counter for the redirects --->
				<cfoutput><meta http-equiv="Refresh" content="0; url=#urlNow#" /></cfoutput>
			</cfif>
		</cfif>

Open in new window


Also, if you're using the session variable, make sure you initialize it in the "onSessionStart" method of your application.cfc

<cfset session.httpCheckCount = 0>

Open in new window

0
 
adam1hAuthor Commented:
Rodrigo,

Thanks for your help. This is good and will try it now.

the XXX was used to replace a port number I didn't wanted to list in here :-)

SPeak soon, and MANY THANKS !
Adam
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

  • 5
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now