Results 1 to 7 of 7
  1. #1
    Join Date
    Jan 2002
    Location
    Toronto, Canada
    Posts
    11,059

    SSL Warning - How do I get rid of it?

    I have a PHP script that I sell on one of my sites. My customers put a small Javascript tag into pages they want to monitor in the software.

    Here's the problem. One customer has placed the tag into his secured checkout pages. But when visitors go through checkout, they get that popup SSL warning.

    I always get confused with SSL. What should be done to avoid the SSL warning?

    Vito
    DemoDemo.com - Flash tutorials since 2002
    DemoWolf.com - 5,300+ Flash tutorials for hosting companies, incl. Voice tutorials

  2. #2
    Join Date
    Jun 2003
    Location
    Texas
    Posts
    453
    Is it calling something that isn't using https://? That will cause a popup if it is.
    ................

  3. #3
    Join Date
    Jan 2002
    Location
    Toronto, Canada
    Posts
    11,059
    He tried it using https as well. Here's what the tag looks like:

    <script language="JavaScript1.3" type="text/javascript" src="https://www.hisdomain.com/wmserver/tag.php?action=get_code"></script>

    But in order to use https, the file that the tag points to needs to be on a secure server, doesn't it?

    Vito
    DemoDemo.com - Flash tutorials since 2002
    DemoWolf.com - 5,300+ Flash tutorials for hosting companies, incl. Voice tutorials

  4. #4
    Join Date
    Jun 2003
    Location
    Texas
    Posts
    453
    YEs, if the cert isn't for www.hisdomain.com then it will popup error if the cert is for secure.domain.com should call it via https://secure.domain.com and that file would have to be within that url path.
    ................

  5. #5
    Join Date
    Jan 2002
    Location
    Toronto, Canada
    Posts
    11,059
    Well, as you can see from the tag in my previous post, the file that it points to is in the http://www.hisdomain.com/wmserver/ folder. When buying something on his site, when checking out, you go to https://www.hisdomain.com/cgi-bin/etc...

    So should the files be located somewhere else other than in the wmserver folder?

    Vito
    DemoDemo.com - Flash tutorials since 2002
    DemoWolf.com - 5,300+ Flash tutorials for hosting companies, incl. Voice tutorials

  6. #6
    There are some possibilities why the popup appears:

    1. He has a self signed SSL cert, not from a trusted party (commercial cert)
    2. Validity of the certificate is not yet valid or expired
    3. the certicificate was issued for hisdomain.com, not www.hiisdomain.com

    If it meets at least one of these possibilities, then the security alert will appear.

    There is another kind of popup, which appears if the page has a mixed content between secured and unsecured pages.
    can happen on a page with frames.

    Just my 2 cents,
    photogrammer.

  7. #7
    Join Date
    Apr 2003
    Location
    London, UK
    Posts
    4,695
    Originally posted by vito
    Well, as you can see from the tag in my previous post, the file that it points to is in the http://www.hisdomain.com/wmserver/ folder. When buying something on his site, when checking out, you go to https://www.hisdomain.com/cgi-bin/etc...

    So should the files be located somewhere else other than in the wmserver folder?

    Vito
    Place the tag.php file in the same directory as his secure page and you should be ok.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •