Solved

Internet explorer refuses secure links HTTPS

Posted on 2014-03-11
11
812 Views
Last Modified: 2014-03-12
Hi dear Experts,

We have a website to uses SSL for some links, but as soon as you click them in any version of internet explorer, IE throws an error 'Page not found'

Obviously, this is pure pain. Can anyone know how to solve this problem server side ?

WE are scripted in Coldfusion 9

MAny thanks !
Adam
0
Comment
Question by:adam1h
  • 5
  • 2
  • 2
  • +1
11 Comments
 
LVL 5

Expert Comment

by:Martin Tarlink
ID: 39920553
Could you provide more information?

Do you host that site?
If yes, on what web server  Apache, IIS, Cherokee....?

SSL setup is done on web server side and in most cases it is related to the server configuration .
You can open server log and if you host it on linux #tail -f your_log_file
and next open IE and open your page, you will see what is going on.
0
 

Author Comment

by:adam1h
ID: 39920570
Hi Tarlink,

Thanks for your reply. We are on a shared server, I reckon IIS, SSL certificate is installed under a Plesk console, and I don't know much more than that.
`
Sorry this wasn't much help

Adam
0
 
LVL 11

Expert Comment

by:Manjunath Sullad
ID: 39920577
Are you able to open this website in other browsers ?

If No - You need check the application link is working or not.


If you are able to acess in other browsers,

1. Check the IE add-ons and disable add-ons.

2 .If you are accessing via proxy, By pass proxy settings,

3. Check the compatible view settings in IE.

4. Add website to Trusted site list.

5. Disable / Enable popup blocker

6. Check the Java version.

7. Check the supporing plugins.

8. Try to reset Internet explorer settings and check.

_ Manjunath Sullad
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 

Author Comment

by:adam1h
ID: 39920610
Hi Manjunath,
Thanks for your reply. Yes we can see it from any browser, and same in IE, we can see it.

But when we hit a page under HTTPS, then IE doesn't want to display it. We are looking for a solution that forces IE to act and read HTTPS without any human intervention.

A coldfusion script that could apply to IE 6, 7 , 8 and avoid this hassle

Thanks !
Adam
0
 
LVL 11

Expert Comment

by:Manjunath Sullad
ID: 39920649
0
 
LVL 5

Expert Comment

by:Martin Tarlink
ID: 39920651
There is always problem with IE and developing :)
It could be also some error in the code.
The best way will be to look in to logs
I am not familiar with Plesk but I found this page so maybe yo will be able to dig in to and see what logs will tell you http://serverfault.com/questions/472008/plesk-9-5-access-logs-on-winows-server

Install http://getfirebug.com/firebuglite for IE and try also look for any errors
0
 

Author Comment

by:adam1h
ID: 39920729
Hey Tarlink,

yes indeed, IE is a pure pile of headache :)

Our website does work in all browsers, but it is only not working when we use HTTPS , here is a link, it says 'Page cannot be displayed'

https://www.joe-cool.co.uk/index.cfm

The code is fine. If a workaround this can be done via application.cfc then I'll take it.

THANKS !
Adam
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39920850
Just loaded the site and it seems to work fine on IE 11

I also noticed that you're forcing SSL on the clients (attempted to load the page with http and was redirected to https).

Make sure you're not creating an infinite loop with your redirect rules, more often than not, these will manifest themselves as "page not found" messages, though, sometimes the browser will actually tell you "Too many redirects".

if you're using a version of cgi.https to force your SSL, build in some infinite loop breaks, like a counter in the session scope or in a cookie. The error you're seeing could be the client refusing multiple redirect instructions to the same page.
0
 

Author Comment

by:adam1h
ID: 39920896
Hi Rodrigo,

That's an interresting one. We do force HTTPS using our application.cfc

Here is a copy of what we use :

<!--- httpsCheck --->
	<cffunction  name="httpsCheck" access="public" returntype="void"	 output="yes" description="check if it's https protocol and redirect if required">
		
		<!--- force user to use https secure server path --->
		<cfif cgi.server_port NEQ "xxx">
			<cfset urlNow = "https://" & "#CGI.SERVER_NAME#" & "#CGI.Script_Name#" &  "?" & "#CGI.Query_String#">
			<cfoutput><meta http-equiv="Refresh" content="0; url=#urlNow#" /></cfoutput>
		</cfif>
    </cffunction>

Open in new window


Do you think we should operate another way ? We thought that forcing HTTPS was more secure...

Adam
0
 
LVL 4

Accepted Solution

by:
Rodrigo Munera earned 500 total points
ID: 39920937
You can use
<cfif cgi.https NEQ "on">

Open in new window

Instead of
<cfif cgi.server_port NEQ "xxx">

Open in new window

But they both probably work using the same principle in the back-end.

I would do something like
		<cfif cgi.https EQ "on"><!--- switched the logic to avoid confusing double-negatives ---->
			<cfset session.httpCheckCount = 0><!--- here we reset the count because SSL is on --->
		<cfelse>
			<cfset urlNow = "https://" & "#CGI.SERVER_NAME#" & "#CGI.Script_Name#" &  "?" & "#CGI.Query_String#">
			<cfif session.httpCheckCount LTE 1><!--- here we ensure we're not making too many redirects --->
				<cfset session.httpCheckCount = session.httpCheckCount+1><!--- here we increase the counter for the redirects --->
				<cfoutput><meta http-equiv="Refresh" content="0; url=#urlNow#" /></cfoutput>
			</cfif>
		</cfif>

Open in new window


Also, if you're using the session variable, make sure you initialize it in the "onSessionStart" method of your application.cfc

<cfset session.httpCheckCount = 0>

Open in new window

0
 

Author Comment

by:adam1h
ID: 39920961
Rodrigo,

Thanks for your help. This is good and will try it now.

the XXX was used to replace a port number I didn't wanted to list in here :-)

SPeak soon, and MANY THANKS !
Adam
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you come here a lot? Are you lazy like me and don't want to go through the "trouble" of having to click your Dock's Safari icon and then having to click your Experts Exchange Favorites bookmark to get here? Well then this article is for you.
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This Micro Tutorial will demonstrate how to add subdomains to your content reports. This can be very importing in having a site with multiple subdomains.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question