I have a link in a php script in one secure domain to access a page in another secure domain and the browser's (IE, Firefox) give me a warning message:

Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.

Are you sure you want to continue sending this information?



Is there a way to include both domains together, maybe an .htaccess entry or a php bit of code in the link program?

I have a link in a php script in one secure domain to access a page in another secure domain and the browser's (IE, Firefox) give me a warning message:

Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.

Are you sure you want to continue sending this information?



Is there a way to include both domains together, maybe an .htaccess entry or a php bit of code in the link program?

That means something on the other page isn't encrypted / usually there is a warning in if you go cross domain due to SSL's trust .. I don't think it's possible to avoid all warnings when going cross-domain.

Here's the story.

I purchased an ssl cert for my FQDM (root) on my server so that I could secure cPanel with a real cert rather than self-signed thats included with the install.

It wound up that I could not use this same cert for www. subdomain so I purchased a second cert for WWW.

I'm using a cPanel/WHMCS bridge script that calls WHMCS database info from cpanel, than goes to the WHMCS page.

Correct me if I'm wrong, but I think Apache thinks it is a cross domain request because of the 2 different certs.

Will I need to buy a single cert that covers both ROOT and WWW to get this to work??

Are you absolutely sure there isn't a form in this page pointing to a non-ssl url? That's what the error message is telling you. Perhaps not your main page but an unrelated small form? (eg. site search, domain search or similar).

No - The authenticating part of the script is encrypted. For all I know it is broadcasting a link back to the script writers home site.

There are not any links or ad's on the pages I am using that should leave the server.

The message pops up when the word 'Authenticating' comes up on the screen.

This is a free script by WHMCSGold.com in case someone may have a solution.

Try it with Firefox and the live-http-headers plugin. The headers will show you what's being submitted to where.

Try it with Firefox and the live-http-headers plugin. The headers will show you what's being submitted to where.

Great call.

Seems there are some http:// requests from one of the scripts instead of https://

The php file is encoded with ioncube and the developer no longer supports this free script.