After 8hrs of casual slightly stressful Sunday afternoon server config HTTPS is now enabled for the new forum
Please report any HTTP issues to this thread…
The pain points came from having the move HTTPS from Apache to Nginx and then reverse proxy via socket to docker instance for the Discourse forum and to Apache for PHP requests on our old sites. I wrote more about this here:
I’m getting a warning in Firefox that some parts of the site are not secure such as images and if I mouse over the padlock I get a warning that ‘This website does not supply identity information.’.
Thanks for the info. The header logo error should now be fixed. Thanks to the info on this thread it was due to a recent upgrade to Discourse header which required a change in the way we do the redirect to /latest on the top logo is clicked
Also just managed to fix the mixed content issue on OpenEnergyMonitor.org by adding <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> to the Drupal header. This automatically tells the browser to upgrade http content e.g .images requests to https before serving. Thanks Google developers
Universal SSL uses Server Name Indication (SNI) certificates using Elliptic Curve Digital Signature Algorithm (ECDSA). SNI and ECDSA certificates work with the following modern browsers:
Desktop Browsers installed on Windows Vista or OS X 10.6 or later:
Internet Explorer 7
Firefox 2
Opera 8 (with TLS 1.1 enabled)
Google Chrome v5.0.342.0
Safari 2.1
Update: just installed Opera and the forum works fine for me on Opera 36.
Thanks for the cross-check, Paul
I get the same results with your site as I do with the new OEM site, i.e no joy with Opera or Chrome.
Firefox works OK.
This check was performed with my home desktop machine. The earlier test was with a laptop at my office.
I’m going to try with another laptop/OS combo.
Update…
Looks like the issue is Win XP. Opera and Chrome work OK with Win 7, Win 10 and Linux.
I know, I know, should have ditched XP, but I don’t like the W7 UI, and like the W10 UI even less.
At least the solution is easy (for me, anyway) - switch to Slackware, Debian, etc. etc.