I just installed my SSL and changed all http to https and I have the green padlock for mobile devices, but not on computers. Does the http count for the backend like php code? Also to note, I used https://www.ssllabs.com/ssltest/ to check and the grade was “A”. I noticed that the second certificate has no SNI and the names were mismatched. Could that also be the reason?
That means you have a not fully secure website (load some of the resources using http link). Upgrade all links in your webpage to make sure it’s all loaded via https. whynopadlock.com can also helps you.
You do t necessarily need to provide full (sni) support. (SNI just help you reach some clients who use XP or before)
That will not be the reason.
@stevenzhu I used whynopadlock and it said SSL pass and no mixed content. I am going to changed the http in the backend and see if that helps.
Maybe the computer browser can tell you the reason if you click on the security indicator icon in the browser address bar.
The icon that looks like a shield? It says something about insecure scripts are being loaded
This means that the scripts are loaded from http:// URLs instead of https:// URLs. I would have expected whynopadlock to identify that problem, but anyway that provides a good explanation. You should be able to change the references in the
<script src="http://example.com/script.js"> to https:// and fix the problem.
Ok, One last question, Is it everything in the pubic_html folder? That have to be HTTPS?
Every script, image, frame, or stylesheet reference (among other things, apparently) should point to an HTTPS origin in order to avoid a mixed content error.
Lets encrypt integration with NGINX and tomcat
If one would start using
src="//example.com/script.js", these problems wouldn’t exist. See RFC 3986 section 4.2: Relative Reference.
Yes, but it would raise a flag when testing for content-security-policy…
So it’s better to use a https before those slashes.
If you can use FireFox or Chrome (Desktop), test
Ctrl + Shift + I
to open the webmaster tools / developer tools.
There is a console, there are the wrong links listed.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.