Author Topic: SSL - https/http switchover - both secure nosecure items - encrypted  (Read 70424 times)

MrBoza

  • Beginner
  • *
  • Posts: 14
    • preorder figure
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #45 on: August 11, 2008, 07:30:28 am »
Ok fist step turn off all your add on modules that may have unsecure items like the one i was using called user info something like that. Then go to the log in page https and check in the source if there is a link http that may look fishy. One more thing ...check in your VM admin that it's correct mine was https://preorder-figure.com/index.php but should be https://www.preorder-figure.com/index.php  :)

I did change the config file as they say in this post but I’m not sure if the two small gif files made the problem. For me was the module.
make sure you have the latest Joomla 1.54 at list and virtue mart 1.1.2 just installed and very fast with cache on!! Recommended.
www.preorder-figure.com/index.php feel free to test

...have fun! ::)


JJRO

  • Jr. Member
  • **
  • Posts: 62
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #46 on: August 13, 2008, 19:21:48 pm »
Just came back to give a quick update...
I solved all the SSL images issues by going into EVERY instance of an image and using absolute paths  http://blahblahblah.com/images/...
PITA! but it works.

allanchan

  • Beginner
  • *
  • Posts: 38
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #47 on: August 15, 2008, 01:51:21 am »
Hi There,

When I try to go into https right... The Script below which I copy out from your site had problem with mine...

Code: [Select]
<script src="https://www.preorder-figure.com/components/com_virtuemart/fetchscript.php?gzip=1&amp;subdir[0]=/themes/default&amp;file[0]=theme.js&amp;subdir[1]=/js&amp;file[1]=sleight.js&amp;subdir[2]=/js/mootools&amp;file[2]=mootools-release-1.11.js&amp;subdir[3]=/js/mootools&amp;file[3]=mooPrompt.js" type="text/javascript"></script>

  <script type="text/javascript">var cart_title = "Cart";var ok_lbl="Continue";var cancel_lbl="Cancel";var notice_lbl="Notice";var live_site="https://www.preorder-figure.com";</script>
  <link href="https://www.preorder-figure.com/components/com_virtuemart/fetchscript.php?gzip=1&amp;subdir[0]=/themes/default&amp;file[0]=theme.css&amp;subdir[1]=/js/mootools&amp;file[1]=mooPrompt.css" type="text/css" rel="stylesheet" />


My code shows like this...

Code: [Select]
<script src="http://www.trade-asy.com/components/com_virtuemart/fetchscript.php?gzip=0&amp;subdir[0]=/themes/default&amp;file[0]=theme.js&amp;subdir[1]=/js&amp;file[1]=sleight.js&amp;subdir[2]=/js/mootools&amp;file[2]=mootools-release-1.11.js&amp;subdir[3]=/js/mootools&amp;file[3]=mooPrompt.js" type="text/javascript"></script>
  <script type="text/javascript">var cart_title = "Cart";var ok_lbl="Continue";var cancel_lbl="Cancel";var notice_lbl="Notice";</script>
  <link href="http://www.trade-asy.com/components/com_virtuemart/fetchscript.php?gzip=0&amp;subdir[0]=/themes/default&amp;file[0]=theme.css&amp;subdir[1]=/js/mootools&amp;file[1]=mooPrompt.css" type="text/css" rel="stylesheet" />

And May I know are u (MrBoza) using Sh404SEF. BEcause your

Code: [Select]
<base href="https://www.preorder-figure.com/index.php" />
seems to change to seure site url when I type in https...

Code: [Select]
<base href="http://www.trade-asy.com/index.php" />

But Mine never change with sh404SEF...

Could you please teach me how to configure sh404sef corrently...

Joomla 1.5.5 Virtuemart 1.1.2 sh404Sef 1.0.3

Thanks

Allan


snyder97

  • Beginner
  • *
  • Posts: 3
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #48 on: October 01, 2008, 03:16:33 am »
I am getting an error when I switch to the checkout error (https://)
I have spent days reading posts and trying to figure this out but I just can't seem to get it.

Firefox error "Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.
Are you sure you want to continue sending this information?"

IE6 error "This page contains both secure and nonsecure items. Do you want to display the nonsecure items"
I need help to resolve the security issue so that the page is 100% secure, no error and the store is functional.

What I am working with:
I am using a shared ssl certificate through netfirms.
Joomla 1.5.4 Production/Stable
VirtueMart 1.1.2 stable
Custom Template (this is my first template should there be something in the template to force everything to https)
Authorize.net for payment

I linked my style sheet as https:// and now it seems to load ok but what am I missing.
Big thanks to anyone that can help!!!

MozartMcLaus

  • Beginner
  • *
  • Posts: 9
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #49 on: June 11, 2009, 13:35:47 pm »
I will fix this problem soon, just give me some time, because i encountered it myself.

The problem is that many modules, tamplates and so on dont handle https logical cases. Open your final page with https. open its generated html source code and copy it to notepad. Search for "http://".
you will encounter that many images, css, javascript links are absolutely linked to http: while your browsing https. thats the problem. browser will fire up warning message of unsecure items.

1) The only way to quick fix it is to get ReReplacer component: http://extensions.joomla.org/extensions/4336/details
Add rule to replace
http://www.mydomain.tld
to
https://www.mydomain.tld
for specific menu item (for example shop) or for all sites everywhere.

This WILL definitively solve all you problems with theese SSL warning messages.

2) BUT! There is always a "but". Also joomla has damn poor handling of $live_site. I have never seen such poor core functionality. anyway. many modules use this variable for different conditional statements. if you use https and your live_site is http you will get different conditional logic failing in different modules. for example in VM during order processing + login.
The only way to fix it is to generate live_site dynamically.
when i finish with this, the problem will be solved to the end.

cheers

Gary

  • Jr. Member
  • **
  • Posts: 373
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #50 on: October 29, 2009, 13:27:01 pm »
Any more developments on this? I have the same problem!

natecovington

  • Beginner
  • *
  • Posts: 11
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #51 on: September 16, 2010, 16:28:49 pm »
Hi,

I am having a similar problem.  Joomla (1.5.18), VM (1.5.14), SH404sef (version 2.1.4.734)

My solution was to disable the JSN Imageshow Pro module on the VM pages, as this module was hard-coding some URL's without https://

As soon as the browser detected this module, it warned that there was an unsafe connection.

Fixed!

lindapowers

  • Full Member
  • ***
  • Posts: 1335
  • If you're going through hell, keep going.
    • Venta de naranjas online y mandarinas
  • Skype Name: manu.gonzalez91
  • VirtueMart Version: Latest avi
Re: SSL - https/http switchover - both secure nosecure items - encrypted
« Reply #52 on: November 27, 2011, 06:34:36 am »
and here comes the stupid question after reading all the comments,

I'm having a problem with IE9 warning which after testing I noticed is caused by the login module (slick_login).

I checked the source code on the ssl checkout page and the images from the module are pointing to http.

So the stupid question is in what files you edit those lines?

Thanks