We have SSL Certificate installed on a linux server. We are accessing every page with 'https'. When we run a site in Internet Explorer 6.03 (SPE3?). it shows a pop-up as "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?".
views:
175answers:
1
A:
It means that some elements referenced in the html (eg. images, css, javascript files, etc) are loaded over http, not https. If you are using absolute paths in your html, try changing http:// to https:// (or just // to us a relative scheme) in all absolute path references. Of course this assumes all your externally loaded content can also be served over https. If the files are served from a different domain, you will have to supply a valid cert for that domain too.
Asaph
2010-03-31 05:47:47
We replaced http:// with https:// in every file. However in DOCTYPE html tag there is http mentioned as '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">' Do we need to replave this as well? However this pop-up comes only in IE6, in IE7 it works fine.
snew
2010-03-31 05:59:15
Doctype shouldn't impact anything. One possibility is that one or more of your resources requested via https gets redirected to http. Is that possible? Also are you using any javascript libraries that might be making AJAX calls over http? One other idea: Do any of your CSS rules reference external http resources? One last idea: Do you have any 3rd party ads or tracking code? Try disabling them and see if it helps.
Asaph
2010-03-31 06:32:24
snew
2010-03-31 07:58:30
If you temporarily remove the 3rd party code, do the warnings go away? If so, rather than hacking the 3rd party code, look for a vendor supported way to use their libraries over https. If that is not possible, consider replacing the libraries with something else that works over https.
Asaph
2010-03-31 13:45:44