Annoying problem with security cert
Date: 01/06/08
(WebDesign) Keywords: php, browser, css, java, security
One of my sites has a Verisign certificate installed for HTTPS serving. HTTPS is configured and works fine, except for this problem.
Some pages have the proper lock & domain name in the lower right, other pages have a warning lock. Both pages are hosted with the same domain. Both pages are accessed via https://domain.net.
Secure
https://domain.net/subfolder/index.php
"Contains unauthenticated content"
https://domain.net/index.php
What I've done so far is to view source through my browser on the second page. Then I did alt-F and searched for http://. I found no instances of http:// on the page.
I also double clicked the lock on the second page, which brings up Firefox's Page Info window. On the Security tab there is a warning under Technical Details saying "Connection Partially Encrypted. Parts of the page you are viewing were not encrypted before being transmitted over the internet. Information sent over the Internet without encryption can be seen by other people in transit" On the Media tab several images are listed, all of which are served over https://.
There are two CSS and one Javascript includes on the second page - I confirmed that no http:// content is located in any of these.
Edit
IE displays a secure lock on the second page:
What gives?
Source: http://community.livejournal.com/webdesign/1349310.html