If the sites you are referencing allow you to access them over https, that will solve the problem. My prefered solution is to omit the http: altogether. If a url just starts with "//example.com/rest/of/url", the browser will use the appropriate protocol automatically.
- Y On Tue, Oct 22, 2013 at 9:59 AM, Dennis Putnam <[email protected]> wrote: > On 10/22/2013 9:44 AM, Yehuda Katz wrote: > > On Tue, Oct 22, 2013 at 9:39 AM, Dennis Putnam <[email protected]> wrote: > >> Thanks. That might make more sense (at least to me). After more reading, >> I am not sure that I don't have SNI capable version of httpd already >> installed (how do I tell?). The pages that work are very simple but the >> one that doesn't is complex and has lots of graphics. If that is the >> case, why are they not encrypted like everything else (assuming they are >> not referenced on a different server)? >> > > As I mentioned, if you don't have SNI, then you should see major > warnings from the browser that something is wrong when you go to any site > but the first one. > > As far as finding the offending image: Go to the page in your browser, > right click on the page and choose view source (or a similar option). Then > search in the source for http:// > That should let you find which images are not secure. > If the URLs are publicly accessible, post them here if you want someone to > have a specific look (or email me privately if you don't want them to be > public and I will try to have a look). > > - Y > > Ah ha! You hit it. There are references to social media on the page > that use http (Facebook, LinkedIn and Twitter). Since they reference a > different site will just changing it to https be sufficient or is there > some other workaround? Thanks. >
