HTTPS is now enabled for the forum

I’m also seeing a browser error that;
module is missing or not accessible.
(Don’t know if it’s connected, but number of changes were made to the home-logo.js.es6 in discourse’s github repo just 2 days ago)


…in fact it’s the Oem favicon which is being served http and not https, and which is causing the problem (mixed content).
@glyn.hudson the Oem favicon needs moving to the sub-domain, instead of linking to it from

Thanks for debugging, should be fixed now. You may need to clear your cache.

What browser are you using? I don’t see any errors in Chrome. Could you post a screen grab?

I’m using Chrome also - in developers mode (F12)

…and in Firefox

Thanks for the info. The header logo error should now be fixed. Thanks to the info on this thread it was due to a recent upgrade to Discourse header which required a change in the way we do the redirect to /latest on the top logo is clicked

1 Like

All looks good now!


1 Like

Also just managed to fix the mixed content issue on by adding <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> to the Drupal header. This automatically tells the browser to upgrade http content e.g .images requests to https before serving. Thanks Google developers

1 Like

mixed content on the old forum show now also be fixed, see my post above. Please confirm. You may need to clear browser cache.

1 Like


Opera v36.0.2130.65 gives me this error:


Chrome v49.0.2623.112 m gives this one:


Universal SSL should work fine with Opera 8 and above, from the Cloud Flare page on Universal SSL

Universal SSL uses Server Name Indication (SNI) certificates using Elliptic Curve Digital Signature Algorithm (ECDSA). SNI and ECDSA certificates work with the following modern browsers:

Desktop Browsers installed on Windows Vista or OS X 10.6 or later:

Internet Explorer 7
Firefox 2
Opera 8 (with TLS 1.1 enabled)
Google Chrome v5.0.342.0
Safari 2.1

Update: just installed Opera and the forum works fine for me on Opera 36.

Do you have any issues with any other SSL sites?

Could you post the output of some SSL testers:

@Bill.Thomson - can you access my ‘poor excuse for a site’ -
I’m also using Cloudflare, similar as Oem (not full -strict though).


Thanks for the cross-check, Paul
I get the same results with your site as I do with the new OEM site, i.e no joy with Opera or Chrome.
Firefox works OK.

This check was performed with my home desktop machine. The earlier test was with a laptop at my office.
I’m going to try with another laptop/OS combo.


Looks like the issue is Win XP. Opera and Chrome work OK with Win 7, Win 10 and Linux.
I know, I know, should have ditched XP, but I don’t like the W7 UI, and like the W10 UI even less.
At least the solution is easy (for me, anyway) - switch to Slackware, Debian, etc. etc.

Paul, thanks again for the help!

with all changes from last hours the ssl link doesn’t seem to be clean anymore

Which page do you see that on? It’s probably due to the image being hosted
over http

  • sent from my mobile device

any page, even latest / categories pages.
Mixed content problem again … not sure how you will be able to solve that.
Since we are able to post with non ssl links …

Any clues in browser developer tools I’ll take a look when I get home

  • sent from my mobile device

For this page, my Opera 37 (Ubuntu desktop) is happy - shows “Secure connection”.

so does Chromium Version 49.0.2623.108 Ubuntu 14.04 (64-bit)

also Firefox 46.0

I randomly checked a handful of pages, and I can’t find a page that doesn’t show as secure.

And iexplore in W10 under VirtualBox also says “This connection to the server is encrypted”.

Yup, all good for me also on Chrome. Anyone else notice broken padlock? @bidouilleur what browser are you using? Please post console errors and SSL into

I had a broken padlock for near 19:00 UTC. I cleared the cache and then all was well.

1 Like