Chrome Shows red x through ssl

eaglei22 said 1 year, 12 months ago:

I uploaded a file for my website for customers to download. It’s a free virus scanner. After doing so and testing the download chrome now continuously shows a red X through the SSL lock under https://

Warns of 256-bit encryption.. and includes non secure resources. Anyway to get around this? Also, anyway to get rid of this red X that appears now?

Thanks

DaveD said 1 year, 12 months ago:

@eaglei22

From what you have provided I can guess that the issue is simply that the download you added is accessed insecurely (through HTTP) rather than through HTTPS which is causing the non-secure items message. You can check out this article which talks a little more about this type of issue:

http://support.godaddy.com/help/article/852

However, without seeing the site I can only guess that this is the issue. If you want to provide the domain I’d be happy to take a look into this for you.

eaglei22 said 1 year, 12 months ago:

Dave,

I took out my download folder and the link I had that originally cause it and I still get the “X” in chrome. I did some searching and some said if I had an external file in a javascript that can cause this as well. So I changed the external link to a local file, and I still get it! Any help would be great.. Here is the link.

https://pcexpresstechs.com

eaglei22 said 1 year, 12 months ago:

Actually, that seemed to have fixed it. Just took some time to sync up I guess.

Thanks for the reply though!

eaglei22 said 1 year, 12 months ago:

Well, actually there is another problem..
When using my form script, upon redirect I get the red x again.. Here is the script I’m using:

<?php

// $mail_to and $mail_from must be set.

$mail_to = ”; // Who is the E-Mail going to?
$mail_from = ”; // Where does the E-Mail appear to be from?

// OPTIONAL SETTING
$redirect_url = ‘../selection.html’; // Example: http://domain.com/thankyou.html – must be a FULL URL.

############################
# DO NOT EDIT BELOW THIS #
############################

// Fail if _POST and _GET are empty. Nothing to process.
if(count($_POST) == 0 AND count($_GET) == 0):
echo ‘This form handler does nothing if visited directly. You must submit form data to this script.’;
exit;
endif;

// Fail if $mail_to or $mail_from are not set.
if(empty($mail_to) OR empty($mail_from)):
echo ‘You must edit this script and set the appropriate values for $mail_to and $mail_from.’;
exit;
endif;

// Set $fields to whichever method is being used.
$fields = (count($_POST) > 0 ) ? $_POST : $_GET;

$message_body = “Form Submission nn”;

foreach ($fields as $field => $value):
switch(strtolower($field)):
case ‘redirect’:
$redirect = $value;
break;
case ‘subject’:
$subject = $value;
break;
endswitch;
if (strtolower($field) != ‘redirect’ AND strtolower($field) != ‘submit’ AND strtolower($field) != ‘subject’):
$message_body .= strtoupper($field) . “: ” . $value . “rn”;
endif;
endforeach;

// Set the redirect URL from the form (if set). $host_url is a default action if $redirect isn’t set
$redirect = (empty($redirect_url)) ? $redirect : $redirect_url;
$host_url = $_SERVER['HTTP_HOST'];

// Set the message subject based upon a subject field being set or not.

$message_subject = (!empty($subject)) ? $subject : ‘Message from ‘.$_SERVER['HTTP_HOST'];

$headers = ‘From: ‘ . $mail_from. “rn” .
‘Reply-To: ‘ . $mail_from . “rn” .
‘X-Mailer: PHP/’ . phpversion();

// Remove potentially injected headers from the body

if (!mail($mail_to, $message_subject, $message_body, $headers)):
echo “Message Send Failed.”;
endif;

if(empty($redirect)):
header(“Location: http://{$host_url}”);
else:
header(“Location: {$redirect}”);
endif;
?>

Any idea? This is the script I got from godaddy

eaglei22 said 1 year, 12 months ago:

Woops.. Fixed it again.. I guess I missed that page when I was changing all the javascript script locations.. So it wasn’t the form after all.

DaveD said 1 year, 12 months ago:

@eaglei22

Sorry for the delay. Happy to hear that you were able to get this resolved. If you have any other problems let us know.

rst said 1 year, 11 months ago:

I’m having a similar problem on a very simple web page:

<html>

<head>
<title>My Test Page</title>
</head>

<body>
Test of a secure page.
</body>

</html>

As you can see, it doesn’t reference any external sites, but I still get the red x through the chrome lock symbol and a red line through the https text.

Any idea what could be causing this?

eaglei22 said 1 year, 11 months ago:

Hey post the URL to your webpage.. Now that I actually know what I’m looking for let me see if there is anything you’re missing..

Maybe you need to add this:

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN”
“http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>

at the top.. Not sure.. But post the link anyway so others can see.

rst said 1 year, 11 months ago:

Strange! I had the same experience as eaglei22. When I exited the browser and reloaded the page it worked fine (after a delay). I had reloaded the page each time, so it wasn’t a cache problem. Is there some other behind-the-scenes checking that takes it a while to propagate?

DaveD said 1 year, 11 months ago:

@rst

No, but there is a possibility that this was due to when you tried visiting the page. If you are hosting the site with us there is a migration of your domain to a new IP which occurs along with the SSL installation. The migration can take up to 72 hours to complete. The SSL is available only on the new IP, so if process was still underway and you ended up connecting to the old IP it would be expected that you would receive a certificate error. After a refresh if you connected to the new IP instead the error would have then disappeared. This may have been the cause of the error you were seeing.

If you have any other trouble with this let us know so that we can look into it for you. Thanks!

Jeffko said 1 year, 11 months ago:

I am having the same problem, I have tried to force SSL on the entire site, to no avail. The site is http://www.rosaryforyou.com and one time in ten the lock goes on in Chrome. I have tried all I know, some fresh input could solve me a world of problems.

Blessings,

Jeffko

eaglei22 said 1 year, 11 months ago:

Jeffko,

I browsed through your source code and found this,

<script type=”text/javascript” language=”JavaScript” src=”http://www.biblegateway.com/votd/votd.write.callback.js”></script>

I think it’s because you are not linking it to a
secure link.. You might have to take that script, copy it and save it local.. Then link to it from your directory..

Hope this helps,

Jeff

Gary A said 1 year, 11 months ago:

@Jeffko

I noticed the same thing that @eaglei22 said. On your pages you have references that use http instead of https. This effectively breaks the security of your site. Once you remove the http references or replace them with https, the errors should stop.

-Gary