[SOLVED]IE Information Bar Error with SSL (Security Certificate Error)

[valerielat]

I have read through all forum posts on this subject and cannot find a solution to my particular problem.

The error message comes in the information bar and reads "IE has blocked this website from displaying content with security certificate errors." I do NOT receive any pop-up error messages regarding secure vs non-secure content.

(1) I have checked my source code to ensure image files are being pulled from https rather than http.
(2) I have confirmed that I am using the most current version of Google Analytics that has the secure code.
(3) I have confirmed that my backoffice has SSL enabled and that the v1.1 theme compatability is set to NO.
(4) I have checked several of my .tpl files (i am using the default theme) to ensure {base_dir} is {base_dir_ssl} where necessary.
(5) I have checked add-on modules for references to base_dir in the .tpl files and changed those to base_dir_ssl.
(6) I have ensure I do not have Flash content on my secure pages that could be pulling from non-secure location.
(7) I have had several discussions with my reputable hosting company who assures me that the SSL certificate installation is installed correctly and validated by Comodo. They believe it is a source code error accessing non-secure content.
(8) I am exhausted with this problem.

Can anyone PLEASE help me out and maybe take a look at my source to see if I missed anything obvious??

Thanks so much...

The Zen Hippie

[valerielat]

Additional Information..... and plea for help...

IE 6 - Gives pop up error message that reads "The name on the security certificate is invalid or does not match the name of the site".

IE 7 - Gives information bar error that reads "IE has blocked this website from displaying content with security certificate errors."

IE8 - No error.

Unfortunately, there are still so many IE6 and IE7 users.

Any suggestions?

[thethreedegrees]

Hi,
here are a few suggestions.
Forget about IE6 as anyone using that browser should not be allowed to browse the net let alone be shopping with it:-)

When you registered your SSL cert are you 100% it's a wildcard cert in that it recognizes www.youraddress.com and http://youraddress.com?
Because your site has various link's that have both URL's?? This may be throwing out IE7 and not 8.

Go through your image links again ESPECIALLY the ones that come from the modules and make sure they are https.
What I did to trouble shoot the breaking of SSL certs by PS was to remove all modules and add them back in one by one until I found the culprit.

Good Luck!

[valerielat]

Thanks so much for the reply...

I disabled each add-on module one at a time and still continued to get the error message. So.... it must be the SSL certificate.

We have a private positive SSL certificate issued from host gator. I am having much difficulty determining if this is the culprit of the IE error messages. I can purchase a private instant SSL; however, this process is causing additional difficulty because our domain name is not the same as our company name which is on our business license. In order to issue an instant SSL we must provide a business license which must match the domain name and whois info... sigh....

I don't understand why you can't get a valid SSL when you are "Doing Business As" under a different domain name.

I suppose the only way to resolve this is to get a new business license issued that matches our domain name, purchase an instant SSL just to see if this resolves the IE7 error.

[thethreedegrees]

There are a number of free SSL certs you could try before going down the road of purchasing one.

Comodo have a 90 day full SSL cert offer here:http://www.comodo.com/business-security/digital-certificates/free-ssl.php
This is wildcarded also to include and exclude www.

Also another company I stumbled upon was StartCom. http://www.startssl.com

Both can be issued in minutes and worth a try just to determine if your existing cert is not compatible.

[Yousef]

Hello,

StartSSL do provide free SSL for domain validation only. Which means it checks whether you are really the domain owner, nothing more regarding you business Id. While they also offer other non-free products, it's worth it to pay a little more and get a more known brand.

If you really don't care about the trust of your clients, and only need to perform secure traffic over the Web, any SSL domain validation would serve your need. But if you intend to you the SSL for eCommerce solution, you better think twice before you purchase SSL Certificate.

1. You need business Identity. People ordering at your site, need to know that the person whom they are buying from is REAL person, who has a street address, lives somewhere, and his name is really whom he claims he is. And is not someone who is just having domain trying to steal their money with no identity. That's why it's important to operate under the same name who owns the domain. You are REALLY whom you claim you are!

2. Along with purchasing Certificate which gives business identity, you get Trust Logos that you can put in your website, and you will be surprised that people will trust you more! People clicking the trust logo, will be led to iframe or popup window that gives "Validated By...", with your full address, email, phone, and they can have peace of mind with it.
You will be surprised how much conversion rate you will add by this.

3. Choosing high assurance means you are serious about business. High assurance with business identity can give you warranty up to 100,000 or 250,000 dollars or even 1 Million. This means, that the certificate authority is ready to pay this amount to end users in case you turned to be a fraudlent website and they mis-issued the certificate. Higher warranty means more serious validation, but it all comes to your pocket where your clients will put their trust in you, not just in a domain they log in.

4. Extended Validation. EV, this is the green bar you see next to SSL website in Internet Explorer and FireFox. It writes your name on it, so that people no more need to click to verify or dig the SSL certificate to know they are really dealing with good people, they can just see it outside already, and trust the site more.

5. Multiple subdomains or multiple domains? This means your SSL is valid for all *.yourdomain.com or domain1.com and domain2.com. Of course, here you pay more, but with discounts. Instead of getting 2 or 3 for every subdomain or domain, you just pay one high volume certificate giving you all benefits.

6. Brand is the most important. Now, as of writing this reply, StartSSL (although already plugged into browsers) still didn't get the higher brand it's supposed to get, people rarely heard of it, mostly open source people use it, and anyone seeing such an Icon on your website, would just question... Who is this company that validated your business? I'm not against new competitors, and I'm totally against monopols, but it will come to your pocket as well. The more people see that you are using high quality brand that is globally known, they will trust you more and will eventually buy from your shop, instead of some other shop with not well known brand.

We are in hard times where people hardly trust anyone and are always seeking for more security tags and brands just to make sure they are safe enough of the bad guys out there. I can't blame them! So will you offer eCommerce solutions with cheap solutions or will you choose to pay a little more and try to buy the hearts of your shoppers?

I personally choose Comodo for SSL certificates. Comodo is the 2nd largest provider in the SSL Industry.

Comodo InstantSSL
Comodo Instant PremiumSSL
Comodo Extended Validation

Enjoy and good luck with your SSL purchase.

Yousef.
http://www.itsoftex.com/

[valerielat]

Thanks for your reply. We are still trying to get to the bottom of this issue.

Currently we have a positive SSL issued by Comodo and installed on HostGator. In my research I have discovered that the PrestaShop Sites that have an SSL and do not get warning messages in IE6 and IE7 tend to come from GeoTrust. I am now trying to determine exactly what type of SSL these sites have from GeoTrust so that we can make our customers feel comfortable and secure when purchasing from us. Unfortunately we don't have anyone in our shop who has expertise in SSL certificates and I don't want to move forward until I am sure this will resolve our issue.

I would get an instant SSL from Comodo except we have run into some road blocks. Our company name does not match our domain name. In order to purchase an instant SSL from Comodo, we have to provide a business license. We tried to get a new business license strictly for our online business that matches our domain name. However, our county is currently not issuing business licenses for the next 2 months while they restructure their license fee schedule (gotta love the government).

I appreciate any input! I would love to know if someone has had success (no IE6 and IE7 error msgs) with an SSL and exactly what type of SSL they use and from what provider. Unfortunately, those businesses have no need to read this forum! :coolsmirk:

[Yousef]

Hello again,

I now understand your problem, and it's not related to SSL Certificate at all. It's related to displaying non-secure items in secure-mode. Even if you had GeoTrust, it will still display errors.

I noticed your website loads thickbox plugin. I'm not sure if you have programming abilities and if you have access to source code, but there is file in your Server that needs to be tweaked:

Get yourself to edit this file:
http://thezenhippie.com/js/jquery/thickbox-modified.js

Look for this text:

$("body").append("<iframe id='TB_HideSelect'></iframe>");

Replace it with:

$("body").append("<iframe id='TB_HideSelect' src='[removed]false;'></iframe>");

Re upload to the same location in the Server, and let us know if this fixed the problem for you.
This fix is based on the following document:
http://consultingblogs.emc.com/michaelciba/archive/2008/11/05/thickbox-ie6-and-a-little-secure-and-nonsecure-items-problem.aspx

Hope it works for you.

Yousef.
http://www.itsoftex.com

[valerielat]

Thanks for that input. I did not know that thickbox file needed to be modified and was so hoping that file modification would work. Unfortunately, after modifying that source code I am still getting the IE6 and IE7 errors. It must be something else.

I was quite sure it was the type of SSL certificate but now I am not so sure....

[Yousef]

Hello,

if you have access to the code, try to disable ALL JQuery/AJAX code, and disable the Google analytics and all style sheets. One of these items is just calling a piece of code related HTTP protocol instead of HTTPS.

Try this location:
https://thezenhippie.com/page-not-found

When Internet Explorer asks you about displaying non-secure items, just click No.
You will be surprised to see that your SSL succeeded to load, but the page doesn't have some images.
In this case, it's because of images are in HTTP protocol, where I can question, why images are not relative to the full address? Why they are re-written always with different addresses? So, in the cart page, these images are correctly in HTTPS, but something else is still loading in HTTP mode... need hard investigation of Jquery and AJAX.

You can eliminate that SSL has problem by just loading this URL:
https://www.thezenhippie.com/img/logo.jpg

Or you can upload any other file.html you create, that doesn't call any Jquery/style, and see that it's working.

Yousef.
http://www.itsoftex.com

[valerielat]

Thanks so much for the input and help. It seems the culprit was the Google Analytics module. Although I double checked my Google Analytics code against this reported Google fix from Google http://www.google.com/support/googleanalytics/bin/answer.py?hl=en&answer=55483, and confirmed I was using the most recent Analytics code, it was still causing IE6/IE7 errors.

My solution was found in this thread http://www.prestashop.com/forums/viewthread/33443/. I replace ganalytics.php with the ganalytics.php found in the above thread and NO MORE ERRORS!

There is also a bug tracker for this issue http://www.prestashop.com/bug_tracker/view/3228/.

[enigma32]

So, what about when I've replaced the ganalytics.php and don't even use google analytics, yet still get this error?

[Drew]

thanks very much fixed my issue