I'm currently wrestling with the set up of SSL on Apache (on Windows) and I have the server up and running and accepting https connections etc. When I first connect to the website from my browser (IE in this case) I get the warning regarding the certificate (I have set up a test certificate), which is fine. However every page I subsequently go to I get a "do you want to display nonsecure items" dialog and it's quite irritating. I suspect a browser setting is partly to blame, except I don't get the message when I go to other sites with https implementations such as Amazon. I presume the nonsecure items are the images on the page, but Amazon has images too. SO is there something in the SSL config that might cause the browser to generate these messages?
Spencer Warhurst
Warhurst, SI \(Spencer\) 's gravatar image asked Apr 26 2006 at 15:23 in Httpd-Users by Warhurst, SI \(Spencer\)

2 Answers

I suspect the problem is that the page contains non-secure URLs to such things as images and style sheets that are loaded by the browser in order to render the page. If your page is https://www.domain.ac.uk/index.html and it contains
you'll get the warning. If it contains
or
then you won't. Steven
The official User-To-User support forum of the Apache HTTP Server Project. See for more info.
" from the digest:
S.Hayles 's gravatar image answered Apr 26 2006 at 15:40 by S.Hayles
I think you're right. It's a web application I'm running over SSL and it has lots of dynamically generated HTML and I thought I had nailed all the variables in the templates that we http hard-coded but evidently not the one for images paths! Thanks
The official User-To-User support forum of the Apache HTTP Server Project. See for more info.
" from the digest:
Warhurst, SI \(Spencer\) 's gravatar image answered Apr 26 2006 at 15:45 by Warhurst, SI \(Spencer\)

Related Discussions

Facebook Google+ Twitter Linkedin
 Discussion Overview

 Group: Httpd-users

 asked: Apr 26 2006 at 15:23

 active: Apr 26 2006 at 15:45

 posts: 3

 users: 2

Related Groups
Httpd-dev
Httpd-users