Firefox says site is not secure

ItsAMystery · September 19, 2021, 4:04am

I ran this command: loaded the site on Firefox

It produced this output: Connection not secure (on my Mac, Safari displays a padlock; on iOS, Safari does not display a padlock; on my Mac, Chrome displays a padlock; on iOS, Chrome displays a triangle with an exclamation point in it;)

My web server is (include version): (Info from hosting service) Perl 5.24.1 PHP 5.2.17

The operating system my web server runs on is (include version): Debian GNU/Linux (doesn't give version)

My hosting provider, if applicable, is: us.cloud

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I don't know. us.cloud installed the certificate

rg305 · September 19, 2021, 4:55am

Hi @ItsAMystery, welcome to the LE community forum

The certificate is fine.
See: SSL Server Test: izvormusic.com (Powered by Qualys SSL Labs)
The main problem is that not all content on the site is being secured.
Have a look at:
Test Results: izvormusic.com - Why No Padlock?

ItsAMystery · September 19, 2021, 6:11pm

Thank you for such a quick response and the site links, which I did not know about. I'm glad to hear that the certificate is fine. I will take a look at the results and see if I can figure out what to change on my site. This is my first go with a certificate, and I'm discovering just how much I don't know.

ItsAMystery · September 19, 2021, 6:20pm

Update: I corrected the errors listed in "Why No Padlock" and I now have a padlock. Thank you very much!

My one remaining question is that Why No Padlock still shows an "SSL connection error":

The SSL certificate tests failed. Please be sure that you can connect to your site over SSL and try again.

but I have no trouble now connecting. What am I missing?

Thank you again.

griffin · September 19, 2021, 6:39pm

Welcome to the Let's Encrypt Community

Your certificate chain looks fine to me:

https://decoder.link/sslchecker/izvormusic.com/443

I still see a bunch of "mixed content" though:

https://www.missingpadlock.com/

http://www.izvormusic.com/Assets/feed-icon-28x28.png
http://www.izvormusic.com/podcasts/Apple_Podcast_Icon-20.png
http://www.izvormusic.com/Assets/feed-icon-20x20.png
http://www.izvormusic.com/Assets/izvorsub.gif
http://www.izvormusic.com/Assets/IzvorMusic.gif

ItsAMystery · September 19, 2021, 6:42pm

Thanks, Griffin. I see now: there are two types of mixed content. I took care of the active ones, but there are still passive ones. (Again, all new territory for me.) I will go back and take a look.

ItsAMystery · September 19, 2021, 7:07pm

All mixed content now taken care of. Thanks to Rudy and Griffin for their help and helpful links. I really appreciate it.

system · October 19, 2021, 7:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.