Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Hello,
I am running Ubercart, D6 and uc_ssl for a client. All the SSL configurations seem to be set up correctly.
When visiting the checkout page, I am able to load them as https://, however the url bar goes red and I am getting this message from my browser security settings:
Connection Partially Encrypted
Parts of the page you are viewing were not encrypted before being transmitted over the internet.Information sent over the internet without encryption can be seen by other people while it is in transit.
We are using a dreaded configuration. It is a godaddy dedicated server, and all the apache settings are set by turbopanel. I have tried to modify the apache settings myself, but many of the settings are overridden by apache. Its one of those cheap 'standard' $30 godaddy certificates.
I was wondering if there was an issue with the way I have the UC SSL module set up here. From what I gather, images or other content items are being delivered that are not encrypted, so either I have set up UC SSL incorrectly, or there are steps that I am overlooking with Drupal.
Any ideas?
Comments
Comment #1
rerooting CreditAttribution: rerooting commentedUpdate:
Still getting this issue, even though all images are checking out under https addresses.
Comment #2
rerooting CreditAttribution: rerooting commentedAlso tried following some steps which involve modifying the settings.php file - http://drupal.org/node/91642. Still isn't working, though hopefully this will help.
I am wondering - would CSS optimization throw this off?
Comment #3
crystaldawn CreditAttribution: crystaldawn commentedOther things that can cause this are insecure iframes on the page, insecure javascript, or insecure images (the most common). uc_ssl doesnt deal with changing actual paths within a page, all it does is simply redirect to a secure url and then its up to the administrator to make sure paths are RELATIVE and not full paths that include http:// in them. The reason it does this is because it cuts out a HUGE chunk of problem areas. That way when things like this happen, you know its not because of the module, but instead because of the page itself. The best way to test it is to simply use Garland as the theme, and then see if you still have problems. If you do, then you know its likely because of an image in the node u are viewing or from javascript. Using garland eliminates your theme as a problem all together because 90% of the insecure problems come from the theme files themselves.
Comment #4
rerooting CreditAttribution: rerooting commentedAh ha! My client had both statcounter and piwik enabled, which caused the page to call for two nonsecure *.js files. Thanks for the help!
Now i just have to figure out how to get Ubercart credit card encryption to work (i cannot enter the keys directory, for some reason)
Thanks!