locked
Conversion from http to https issue RRS feed

  • Question

  • User-94285869 posted

    Hi,

    We've been required to convert our URL from http to https.  We obtained a single security certificate but we used it for three websites that are residing on the same server.

    Problem is, when we use the https URL, the following web browsers give us the following errors:

      Firefox:  "Connection is not secure"
      Chrome:  "This page is trying to load scripts from unauthorized sources."
      Edge:  "We've blocked content sent over insecure connections..."

    It seems like https connection considers all my scripts as insecure.

    How do I solve this?  Appreciate any response.

    Thursday, December 15, 2016 5:47 PM

Answers

  • User2053451246 posted

    Make your script references relative (like ..\blah.js, etc.) or hard code https into the script reference.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 15, 2016 5:54 PM
  • User753101303 posted

    Hi,

    You likely have some hardcoded http:// locations inside your pages (which shows a warning as it means your main page is secured but that you still get some other content from an unsecured source). Just replace that with https (most if not all CDN providers are providing https support).

    You can also use F12 Network to easily spot all remaining http requests.

    If for some reason you still need to support both http and https, see https://www.paulirish.com/2010/the-protocol-relative-url/

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 15, 2016 6:01 PM

All replies

  • User2053451246 posted

    Make your script references relative (like ..\blah.js, etc.) or hard code https into the script reference.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 15, 2016 5:54 PM
  • User753101303 posted

    Hi,

    You likely have some hardcoded http:// locations inside your pages (which shows a warning as it means your main page is secured but that you still get some other content from an unsecured source). Just replace that with https (most if not all CDN providers are providing https support).

    You can also use F12 Network to easily spot all remaining http requests.

    If for some reason you still need to support both http and https, see https://www.paulirish.com/2010/the-protocol-relative-url/

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, December 15, 2016 6:01 PM
  • User-94285869 posted

    Made changes to one of the websites and it works. 

    However, in one of the website, when I tried to republish it using Visual Studio 2015, it failed. 

    Any ideas?

    Thursday, December 15, 2016 6:46 PM
  • User-94285869 posted

    Hi,

    Got it to work.  Simple mistake in publishing:  I forgot to change the Destination URL into https when publishing it.

    It now works.

    Thanks to you all.

    Thursday, December 15, 2016 9:31 PM