[aklug] Re: Slightly off Topic: site doesn't behave the same for https as it does for http

From: Royce Williams <royce@tycho.org>
Date: Mon Dec 15 2014 - 20:54:17 AKST

Specifically, it's NET::ERR_CERT_AUTHORITY_INVALID - likely due to a
self-signed cert. Do you intend to get one of the less-expensive
public certs?

Once you get your SSL clean and stable, you might consider redirecting
all HTTP to HTTPS, because security. ;-)

SSLv3 is disabled (good), but the self-signed cert is going to make
most browsers mad these days.

Make sure everything looks like you expect here:

https://www.ssllabs.com/ssltest/analyze.html?d=frontierfunflyers.org

Some other unsolicited guidance (non-SSL related):

This looks like semi-manually-generated HTML, right? (Not the product
of a canned framework?) Either way, I recommend squashing any invalid
HTML - a bit of a pain at first, but very handy when troubleshooting
down the road. The Firefox "HTML Validator" extension rocks, as does
Google Page Speed and or Yahoo's YSlow. Even if you elect to not use
some of the guidance they provide, just understanding the output is
really educational.

I'm not sure what this JPEG is:

    https://frontierfunflyers.org/photos/15.jpg

... but it purports to be 1.2M but fails to even load in Firefox or
Chrome - both complain that it's an invalid image.

Also, body-bg.jpg and counter.js return 404. And counter.js takes a
loooong time to time out, so dropping that will probably significantly
improve page finishing time.

Separate from the geek feedback ... looks like a fun club to be in!

Royce

On Mon, Dec 15, 2014 at 7:08 PM, Jim Gribbin <jimgribbin@gmail.com> wrote:
> It appears that with "mixed mode", Chrome doesn't like it at all. Chrome
> gives me a warning about lack of security and recommends I go elsewhere.
>
> I am able to bypass the warning and go there anyway, but my address bar
> shows "https://" in red with a red slash through it along with the padlock
> with a red "X" across it.
>
> The pictures do seem to be scrolling though...
>
>
>
> On Sat, Dec 13, 2014 at 5:24 PM, Mike <alaskabarsalou@gmail.com> wrote:
>>
>> Thanks.
>>
>> I haven't used this tool in that way before...I'll give it a shot.
>>
>> Thanks!
>>
>> Mike B.
>>
>>
>> Quoting Christopher Howard <ch.howard@zoho.com>:
>>
>>> The first thing I would check is to see if, when using HTTPS, all of
>>> the javascript (or other critical components) are actually
>>> loading. Many Web pages have javascript or other components delievered
>>> by some other domain or subdomain than the one you typed in at the
>>> address bar. The javascript might be coming from a server that does
>>> not have HTTPS properly configured for that URL. This is pretty easy
>>> to check with Firebug (an add-on for firefox): turn it on, select the
>>> "net" tab, and then reload the page and it will list the status of
>>> every resources that the browser tried to load.
>>>
>>> On Sat, 13 Dec 2014 16:24:03 -0900
>>> Mike <alaskabarsalou@gmail.com> wrote:
>>>
>>>>
>>>> Can someone explain why a site wouldn't behave the same under https
>>>> as it does for http?
>>>>
>>>> When I go to the site using http.... there is some javascript code
>>>> that scrolls four random pictures and it works how I would expect it.
>>>>
>>>> However, when going to the same site with https, it doesn't scroll
>>>> the pictures...from what I can tell, it just stacks them atop of each
>>>> other.
>>>>
>>>> This particular site is using a self-signed certificate, but that
>>>> doesn't seem to matter.
>>>>
>>>> Thoughts?
>>>>
>>>> Mike B.
>>>>
>>>>
>>>> Troubleshooting Background:
>>>>
>>>> This isn't true for all browsers, so far only firefox 34 on my ubuntu
>>>> machine.
>>>>
>>>> Works fine for ipad, haven't tested others.
>>>>
>>>> Site is https://frontierfunflyers.org
>>>>
>>>>
>>>> ---------
>>>> To unsubscribe, send email to <aklug-request@aklug.org>
>>>> with 'unsubscribe' in the message body.
>>>>
>>
>>
>> ---------
>> To unsubscribe, send email to <aklug-request@aklug.org>
>> with 'unsubscribe' in the message body.
>>
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Dec 15 20:55:10 2014

This archive was generated by hypermail 2.1.8 : Mon Dec 15 2014 - 20:55:10 AKST