SSL - Only secured items are displayed


#1

I am getting the “Only secured items are displayed” errors and browsers report my web site is not secure.

When I test on http://www.WhyNoPadlock.com I get the following feedback:
“certificate common name si0.twimg.com doesn’t match requested host name platform.twitter.com

Here is the code:

<script type="text/javascript" src="https://platform.twitter.com/widgets.js">

How do I fix this? Or is this something you need to fix?
Jeff


#2

I think that service isn’t parsing the complete certificate - platform.twitter.com is listed in the certificate’s SAN extension. Are you seeing an error in an actual browser? Chrome shows the green padlock for me.


#3

Yes, I’m getting an error on the browser as well, including Chrome. It says the connection is encrypted and my cert is OK but “the page includes other resources which are not secure”.


#4

Same issue for us, did you ever get it resolved?
thanks,
Colin www.hitherandyon.com


#5

This is a non issue - chrome and firefox both show secure even though http://www.whynopadlock.com/ was giving that error message, so I contacted them and they made a correction to their site - you won’t get an error message now :slight_smile:
Aloha,
Colin


#6

Are you using any extensions which may be injecting non-SSL content into your page? Could you share an URL which does not have the padlock in Chrome?


#7

Arne, thanks for your reply. https://www.cloudresourcegroup.com is the site I am debugging. It still shows “the page includes other resources that are not secure” error on the warning padlock icon in Chrome.
IE9 says “only secure content is displayed”.
Firefox shows the same error.

Whynopadlock.com is no longer reporting errors. I’m going to ask them for help as well.


#8

Update: The Twitter link is working fine now.

Whynopadlock.com traced the issue to a Stumbleupon link as well as a Addthis link and the lock appeared when I removed these features.


#9

Cool, thanks for following up with your solution.


#10

#11