Guest topdotter Posted October 31, 2007 Share Posted October 31, 2007 Hi, I've gotten the SSL cert installed by my host and following the directions on CC's support, tried going to https://www.silkknots.com. However, when I do that it redirects to http (which would seem to make sense since the homepage isn't supposed to run under the SSL cert) but it also appends ?ccuser=xxxxxxxxxxxVALUExxxxxxxx. Further, when going to a page that DOES require SSL, such as the the view cart page, the padlock appears locked briefly while the page is loading and then unlocks as soon as the page is done loading. It's a rapidSSL cert issued (or backed) by Equifax. Shmuel Quote Link to comment Share on other sites More sharing options...
Homar Posted October 31, 2007 Share Posted October 31, 2007 Hi, I've gotten the SSL cert installed by my host and following the directions on CC's support, tried going to https://www.silkknots.com. However, when I do that it redirects to http (which would seem to make sense since the homepage isn't supposed to run under the SSL cert) but it also appends ?ccuser=xxxxxxxxxxxVALUExxxxxxxx. Further, when going to a page that DOES require SSL, such as the the view cart page, the padlock appears locked briefly while the page is loading and then unlocks as soon as the page is done loading. It's a rapidSSL cert issued (or backed) by Equifax. Shmuel Works fine for me in FireFox. Just a note, avoid using absolute URLs. This will cause browsers to notify the user that some content is not secure. In your case, I think it's the Google Analytics that's causing this. Quote Link to comment Share on other sites More sharing options...
Guest topdotter Posted October 31, 2007 Share Posted October 31, 2007 Works fine for me in FireFox. Just a note, avoid using absolute URLs. This will cause browsers to notify the user that some content is not secure. In your case, I think it's the Google Analytics that's causing this. Homar, even in Admin where it says "Absolute URL"? Quote Link to comment Share on other sites More sharing options...
Homar Posted October 31, 2007 Share Posted October 31, 2007 Works fine for me in FireFox. Just a note, avoid using absolute URLs. This will cause browsers to notify the user that some content is not secure. In your case, I think it's the Google Analytics that's causing this. Homar, even in Admin where it says "Absolute URL"? Sorry. I didn't explain very clearly. When added an item to the cart and clicked 'View Cart', SSL was active (worked fine). If a page contains both SSL and non-SSL components, the visitor will be notified - 'This page contains both secure and non-secure items - do you want to continue...'. To avoid this notification, you must ensure that all the components of your page are able to load via a secure connection (https://). If you set (let's say) an image to display and set its path to http://www.example.com/image.png, the image will NOT load via a secure connection (due to the http:// and not https://). If you set the image's path to be relative to the current page- e.g. /image.png, the image will load via a secure connection. I took a look at your source code and tried to find where absolute paths were used. I found that you were using google analytics. This loads a javascript from Google through a non-secure connection. Therefore, users will be notified that the page contains both secure and non-secure elements. Just to clarify, your SSL certificate and implementation seems to be working fine. The only minor issue is the use of a non-secure item (and hence the notification). Quote Link to comment Share on other sites More sharing options...
Guest topdotter Posted October 31, 2007 Share Posted October 31, 2007 Thanks Homar, that made it work. Just for everyone else, at this point in time, the Google Analytics code for a secure page is https://ssl.google-analytics.com/urchin.js. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.