Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

SSL pages won't display but only on Explorer


don01234

Recommended Posts

My site midhardware.com runs on MTS, passed the test on whynopadlock.com for SSL.  However, on Explorer anything https:// will not display.  I first noticed the problem couple of weeks ago, when it was brought my attention by a customer.  Since then I double triple checked but I cannot find what the problem is.

 

Any help will be much appreciated.  

 

Don

Link to comment
Share on other sites

Different browsers react to http (non-https) content (images, .js, .css, etc.) on an https page in different ways. Some say nothing, and just ignore non-https content. Others will give you a warning, and others may simply refuse to display the page at all. You might first try snooping around (possibly with Firefox or Chrome) to see if you can find non-https content. If you find some, you have to fix it. I just took a quick look, and you have LOTS of http: links (<a>), but I don't think those will break the browser. However, if you have http->https redirects in your .htaccess, they could be putting extra load on your server.

Link to comment
Share on other sites

You can run a SSL report with a lot more info at ssllabs.com and you have some problems.  Here's a link with your site loaded https://www.ssllabs.com/ssltest/analyze.html?d=midhardware.com&hideResults=on

 

IE is not the only browswer your failing on.  One thing that stands out is your server doesn't support protocols over TLS 1.0, so no TLS 1.1 or 1.2.  It shows some problems with your certificate too.  You might need to get your host involved and you should be able to connect higher than TLS 1.0 by now.  On all the IE test shows "Server sent fatal alert: handshake_failure".   Run the test at the link and then you can Google some of the errors because this is not an OScommerce problem but a server problem.

I'm not really a dog.

Link to comment
Share on other sites

You can also read this article on lack of TLS1.2 support https://blog.qualys.com/ssllabs/2015/05/22/ssl-labs-increased-penalty-when-tls-12-is-not-supported

 

Looking further your problem is the server version you are on.  RedHat 5 won't support higher TLS.  You need a newer server.  Here's key data from the report above.

HTTP server signature Apache/2.2.31 (Unix) mod_ssl/2.2.31 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4

I'm not really a dog.

Link to comment
Share on other sites

  • 2 months later...

I recently went with a free certificate, DIY approach from letsencrypt.org and got an A rating from the above ssllabs site

 

Still if I see other comments, you need to find a better host for your website first.

KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since i coded my responsive version earlier, but i have bought every 28d of code package to support burts effort and keep this forum alive (albeit more like on life support).

So if you are still here ? What are you waiting for ?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...