I’m also seeing a browser error that;
https://community.openenergymonitor.org/discourse/components/home-logo
module is missing or not accessible.
(Don’t know if it’s connected, but number of changes were made to the home-logo.js.es6 in discourse’s github repo just 2 days ago)
Paul
…in fact it’s the Oem favicon which is being served http and not https, and which is causing the problem (mixed content).
@glyn.hudson the Oem favicon needs moving to the https://community.openenergymonitor.org sub-domain, instead of linking to it from http://guide.openenergymonitor.org/images/favicon-144.png
Thanks for debugging, should be fixed now. You may need to clear your cache.
What browser are you using? I don’t see any errors in Chrome. Could you post a screen grab?
Thanks for the info. The header logo error should now be fixed. Thanks to the info on this thread it was due to a recent upgrade to Discourse header which required a change in the way we do the redirect to /latest on the top logo is clicked
All looks good now!
Paul
Also just managed to fix the mixed content issue on OpenEnergyMonitor.org by adding <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"> to the Drupal header. This automatically tells the browser to upgrade http content e.g .images requests to https before serving. Thanks Google developers
mixed content on the old forum show now also be fixed, see my post above. Please confirm. You may need to clear browser cache.
Glyn,
Opera v36.0.2130.65 gives me this error:
and
Chrome v49.0.2623.112 m gives this one:
Interesting…
Universal SSL should work fine with Opera 8 and above, from the Cloud Flare page on Universal SSL
Universal SSL uses Server Name Indication (SNI) certificates using Elliptic Curve Digital Signature Algorithm (ECDSA). SNI and ECDSA certificates work with the following modern browsers:
Desktop Browsers installed on Windows Vista or OS X 10.6 or later:
Internet Explorer 7
Firefox 2
Opera 8 (with TLS 1.1 enabled)
Google Chrome v5.0.342.0
Safari 2.1
Update: just installed Opera and the forum works fine for me on Opera 36.
Do you have any issues with any other SSL sites?
Could you post the output of some SSL testers:
https://www.howsmyssl.com/
https://www.ssllabs.com/ssltest/viewMyClient.html
@Bill.Thomson - can you access my ‘poor excuse for a site’ - https://www.digitalnut.co.uk/
I’m also using Cloudflare, similar as Oem (not full -strict though).
Paul
Thanks for the cross-check, Paul
I get the same results with your site as I do with the new OEM site, i.e no joy with Opera or Chrome.
Firefox works OK.
This check was performed with my home desktop machine. The earlier test was with a laptop at my office.
I’m going to try with another laptop/OS combo.
Update…
Looks like the issue is Win XP. Opera and Chrome work OK with Win 7, Win 10 and Linux.
I know, I know, should have ditched XP, but I don’t like the W7 UI, and like the W10 UI even less.
At least the solution is easy (for me, anyway) - switch to Slackware, Debian, etc. etc.
Paul, thanks again for the help!
with all changes from last hours the ssl link doesn’t seem to be clean anymore
Which page do you see that on? It’s probably due to the image being hosted
over http
any page, even latest / categories pages.
Mixed content problem again … not sure how you will be able to solve that.
Since we are able to post with non ssl links …
Any clues in browser developer tools I’ll take a look when I get home
For this page, my Opera 37 (Ubuntu desktop) is happy - shows “Secure connection”.
so does Chromium Version 49.0.2623.108 Ubuntu 14.04 (64-bit)
also Firefox 46.0
I randomly checked a handful of pages, and I can’t find a page that doesn’t show as secure.
[EDIT]
And iexplore in W10 under VirtualBox also says “This connection to the server is encrypted”.
Yup, all good for me also on Chrome. Anyone else notice broken padlock? @bidouilleur what browser are you using? Please post console errors and SSL into
I had a broken padlock for near 19:00 UTC. I cleared the cache and then all was well.
