SSL certificate installed but getting unsecure messages

[Jasen]

SSL installed succesfully but whenver customers press next in the checkout page, it gives the unsecure message. I checked the images and stuff but couldn't find anything. For those people who can view page error source please help me. I am desperate.
My website is http://cdkeysdiscount.com/

Thank you so much in advance.

[Jasen]

Finally Solved!
Change the line 122 in init.php

$protocol = 'http://';

to

$protocol = 'https://';

Hope this helps to people who are having similar problems!

[FireHawk]

Tried changing this but it hasn't changed anything for me.

I have my site hosted with 123-reg.
Bought there standard SSL cert and they auto install onto my domain.
Ticked the use SSL within the BO and any page i try to get to like the cart, or login pages (where a customer would login) i get the "This Connection is Untrusted"
The technical info about the error is...
qtmdirect2u.co.uk uses an invalid security certificate.

The certificate is only valid for ssllin1.123-secure.com.

(Error code: ssl_error_bad_cert_domain)

I've sent a report into 123-reg support and they initially have said i shouldn't be getting any errors and will be looking into it further.

Could there be any alterations within my coding i need to hard code change?
I was hoping that due to the SSL being installed by my host, 123-reg that all i needed to do was turn on SSL within the BO.

My ebsite is www.qtmdirect2u.co.uk

[Jasen]

Well looking at your error message, your problem is with the certificate not your website. It's saying that your website does not have the permission to use the certificate.

[FireHawk]

Yeah that 's what i was thinking.
Hopefully 123-reg will sort this quickly as i can't get on till this is sorted.

Thanks for your reply though

[Jasen]

Why don't you just disable SSL on your prestashop until the problem is fixed?

[Omega]

Quick question?

Do you have a dedicated/static IP address? This is usually an extra that your host will charge for. It sounds to me that you have a pulic SSL that belongs to 123-reg and that is why you are getting this error. You need a dedictaed/static IP and a private SSL. The SSL can be got for about £10 a year and the dedicated/static IP is aout £8 for the year.


Heres a post I made

http://www.prestashop.com/forums/viewthread/30683/security/solved_ssl_error_on_log_in

[FireHawk]

My problem was all sorted out by my host 123-reg.
I have no idea what happened, maybe an install problem.

Thanks for posting though.

[ayoko555]

I cannot find anything about Protocol in my init.php... please help

[SSNet Inc]

Jason,

What version of the cart were you using for this fix. That file in 1.4 only has 2 lines of actual code - and the one you mentioned isn't one of them.

[ayman]

Finally Solved!

Change the line 122 in init.php

$protocol = 'http://';

to

$protocol = 'https://';

Hope this helps to people who are having similar problems!

 

Hey man ,

I checked all my init.php cant find that line , where excatly is that file?

 

Thanks

[Mister Denial]

I have the unsecure mixed content error on my site too. I have a valid SSL certificate and a dedicated IP, yet a big fat red warning in Chrome!

[kingsinnersoul]

any idea for PS 1.4.5.1? I am using UCC SSL from Godaddy. and I get similar error. :-(

[wippa]

I have the unsecure mixed content error on my site too. I have a valid SSL certificate and a dedicated IP, yet a big fat red warning in Chrome!

 

You can use Chrome f12 button, subbutton warnings, and show wich items are causing it.

However, you can use IE8/9 and check wich items are not displayed while you dont agree show mixed content. (Unsecure items are not displayed before you agree, thats nice way to see it in front page)

 

Remember always post version of prestashop to get best community support...

Code is not same.

[Mister Denial]

Hi Wippa, didn't know about the F12 to show which items are causing the warning, I'll try that. The problem is caused by the Prestapress module, but only when customers access the website with https instad of http. If they first access the shop in http, and then switch to https, everything works fine.

 

PS: it is PS 1.4.6.2

[wippa]

¿Wich module?? You can use cpanel-editor/ftp+notepad++ to edit it's tpl file if you know it.

Only need to search string http and fix it. Using https forced is no problem event dont need. You can load resources https anyway.

 

Test F12 button, using last button "Console".

Always is a img src tag, css loaded trough http or javascript.

 

"If they first access the shop in http" <- Just curious...

 

I get this error today using addthis script.

A safe way is using always relative url's when you link internal stuff or resources, because it gives https_http parameter auto.

[ScubaLessonsInc]

I have 5 stores all have SSL installed correctly.. all were fine, and now that they were upgraded to 1.4.6.2 they now all have SSL errors.. and even though I click enable the SSL.. I will go back when the error pops up again and it will look like it was never checked.. it has the click here to enable SSL thing, I click and it is green.. all good.. but keeps happening over and over and in all five stores. THIS has got to be a prestashop error..what gives? HELP!!!

[fazee]

same problem here, presta 1.4.4.1. I am not a developer, my question may be lame....

After my pal modified my theme's header.tpl to load flash logo, I get big red X in chrome.

Preblem is here:

 

<script type="text/javascript" src="http://dobrefajki.pl/flashobject.js"></script> </head> <body id="index"> <div id="page"> <!-- Header --> <div id="header"> <div id="flashcontent1"> <span style="font-style: italic;">no flash</span> <br /> <a href="http://www.adobe.com/go/getflashplayer" target="_blank"><img src="get_flash_player.gif" style="border: none" alt="download flash player" /></a> </div> <script type="text/javascript"> // <![CDATA[ var so = new FlashObject("http://dobrefajki.pl/logo.swf", "animacja", "414", "133", "8.0.0", true); so.write("flashcontent1"); // ]]> </script> <div id="header_right">

 

and there is my header.tpl

 

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="{$lang_iso}">

<head>

<title>{$meta_title|escape:'htmlall':'UTF-8'}</title>

{if isset($meta_description) AND $meta_description}

<meta name="description" content="{$meta_description|escape:html:'UTF-8'}" />

{/if}

{if isset($meta_keywords) AND $meta_keywords}

<meta name="keywords" content="{$meta_keywords|escape:html:'UTF-8'}" />

{/if}

<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=utf-8" />

<meta name="generator" content="PrestaShop" />

<meta name="robots" content="{if isset($nobots)}no{/if}index,follow" />

<link rel="icon" type="image/vnd.microsoft.icon" href="{$img_ps_dir}favicon.ico?{$img_update_time}" />

<link rel="shortcut icon" type="image/x-icon" href="{$img_ps_dir}favicon.ico?{$img_update_time}" />

<script type="text/javascript">

var baseDir = '{$content_dir}';

var static_token = '{$static_token}';

var token = '{$token}';

var priceDisplayPrecision = {$priceDisplayPrecision*$currency->decimals};

var priceDisplayMethod = {$priceDisplay};

var roundMode = {$roundMode};

</script>

{if isset($css_files)}

{foreach from=$css_files key=css_uri item=media}

<link href="{$css_uri}" rel="stylesheet" type="text/css" media="{$media}" />

{/foreach}

{/if}

{if isset($js_files)}

{foreach from=$js_files item=js_uri}

<script type="text/javascript" src="{$js_uri}"></script>

{/foreach}

{/if}

{$HOOK_HEADER}

 

<script type="text/javascript" src="http://dobrefajki.pl/flashobject.js"></script>

</head>

 

<body {if $page_name}id="{$page_name|escape:'htmlall':'UTF-8'}"{/if}>

{if !$content_only}

{if isset($restricted_country_mode) && $restricted_country_mode}

<div id="restricted-country">

<p>{l s='You cannot place a new order from your country.'} <span class="bold">{$geolocation_country}</span></p>

</div>

{/if}

<div id="page">

 

<!-- Header -->

<div id="header">

 

<div id="flashcontent1">

<span style="font-style: italic;">no flash</span>

<br />

<a href="http://www.adobe.com/go/getflashplayer" target="_blank"><img src="get_flash_player.gif" style="border: none" alt="download flash player" /></a>

</div>

 

<script type="text/javascript">

// <![CDATA[

var so = new FlashObject("http://dobrefajki.pl/logo.swf", "animacja", "414", "133", "8.0.0", true);

so.write("flashcontent1");

// ]]>

</script>

 

 

<div id="header_right">

{$HOOK_TOP}

</div>

</div>

 

<div id="flash_baner">

tutaj flash

</div>

 

<div id="columns">

<!-- Left -->

<div id="left_column" class="column">

{$HOOK_LEFT_COLUMN}

</div>

 

<!-- Center -->

<div id="center_column">

{/if}[root@server prestashop_new2]#

 

 

I have no clue what to do... please help if possible. I know there should be no hard link but tried with src=./logo.swf etc and still no joy

[fazee]

A safe way is using always relative url's when you link internal stuff or resources, because it gives https_http parameter auto.

 

So what is the format of relative URL's?

[fazee]

nevermind... sorted. it was enough to change url to

ar so = new FlashObject("logo.swf", "animacja", "414", "133", "8.0.0", true); etc... no other path

Cheers

[wippa]

fazee See your external links. They points to an url with http instead https.