mrpetem Posted September 18, 2011 Share Posted September 18, 2011 Hi, Ok so this is going to be a little hard for me to explain, but I will do my best. Yes this is to do with apache server I believe. Ok So I have bought my first VPS hosting plan and also SSL123 certificate from thawte. I have created the certificate and uploaded ok to the domain. Now, when I navigate to an actuall page, like the home page with https:// at front of url, there is no warning given and everything seems to work ok. BUT if I click on the URL icon to show information about the connection (in firefox) it says this connection is not secure blah blah This provider does not supply identity information blah. Now here is the strange part. If I navigate to a directory such as 'https://www.mywebsite.com/directory/' and in that directory there is a page called 'index.php', it displays this page ok because I have set it up with apache mod_rewrite. But it then says in the URL icon that 'this connection is secure' provided by thawte etc. As if the SSL certificate is working perfectly. Yet if I then navigate to 'https://www.mywebsite.com/directory/index.php' this goes away and it goes back to giving the 'connection is not secure blah blah' when I press the icon button. So it seems really strange. If this doesnt make complete sense, please bear with me and I will be giving you the exact pages soon so you can see what I mean. I just signed up with daily.co.uk and they are not too helpfull. I get more help from the people here and Im not even paying them, yet daily.co.uk seem to be of the mindset that server management with vps is all down to me and I will have to pay them to get these things sorted. Either that or they give one liner responses telling me very little helpfull information. Not too happy with them as you can probably tell. All they have to do is spend probably 5-10 minuites setting it up and they get monthly payments from me, and also potentially more sales, but they obvoiusly cant see past those 5-10 minuites. Infact, they told me that I should point the nameservers to their nameservers, not my vps ip. Yet I done this and it worked fine, untill I actually changed the nameservers back to their nameservers then all I get is their default page on my domain name. As if it is not pointing to my vps server. I have pointed the A records to my vps server ip as well. So from my understanding is, when I type my domain name url in, it goes to their nameserver ns1.daily.co.uk, and their nameserver then points it to my vps server. If that is so, then I dont understand why it is not working. It worked before when I used my vps host as a nameserver.... doesnt make sense... Quote Link to comment Share on other sites More sharing options...
mrpetem Posted September 18, 2011 Author Share Posted September 18, 2011 My thinking is that the certificate is getting partially validated when apache does not do any rewritting or redirects, and fully validated when it does. So the way around it could be to make apache have to rewrite or redirect every page but thats not an ideal situation. Quote Link to comment Share on other sites More sharing options...
mrpetem Posted September 18, 2011 Author Share Posted September 18, 2011 Ok the site is back up now. If you navigate to: https://www.youramazingproducts.com/ You will see it connects. If you are using firefox then click the icon at the start of the URL input bar and it says 'Your connection is only partially encrypted' If you navigate to: https://www.youramazingproducts.com/doesnotexist Then click the icon again, it shows that it is fully encrypted and verified by Thawte. Quote Link to comment Share on other sites More sharing options...
ninjeh Posted September 20, 2011 Share Posted September 20, 2011 Ok the site is back up now. If you navigate to: https://www.youramazingproducts.com/ You will see it connects. If you are using firefox then click the icon at the start of the URL input bar and it says 'Your connection is only partially encrypted' If you navigate to: https://www.youramazingproducts.com/doesnotexist Then click the icon again, it shows that it is fully encrypted and verified by Thawte. On the https page, you are most likely requesting external resources (stylesheets, images, javascript widgets etc) using the plain http protocol. On a https page all of the external requests have to be handled through https. Quote Link to comment Share on other sites More sharing options...
gizmola Posted September 20, 2011 Share Posted September 20, 2011 Yes, as Ninjeh suggested there is a get of http://www.youramazingproducts.com:8880/javascript/promo-flags.js.php occurring. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.