On 10/22/2013 10:03 AM, Yehuda Katz wrote: > If the sites you are referencing allow you to access them over https, > that will solve the problem. > My prefered solution is to omit the http: altogether. If a url just > starts with "//example.com/rest/of/url > <http://example.com/rest/of/url>", the browser will use the > appropriate protocol automatically. > > - Y > > > On Tue, Oct 22, 2013 at 9:59 AM, Dennis Putnam <d...@bellsouth.net > <mailto:d...@bellsouth.net>> wrote: > > On 10/22/2013 9:44 AM, Yehuda Katz wrote: >> On Tue, Oct 22, 2013 at 9:39 AM, Dennis Putnam >> <d...@bellsouth.net <mailto:d...@bellsouth.net>> wrote: >> >> Thanks. That might make more sense (at least to me). After >> more reading, >> I am not sure that I don't have SNI capable version of httpd >> already >> installed (how do I tell?). The pages that work are very >> simple but the >> one that doesn't is complex and has lots of graphics. If that >> is the >> case, why are they not encrypted like everything else >> (assuming they are >> not referenced on a different server)? >> >> >> As I mentioned, if you don't have SNI, then you should see major >> warnings from the browser that something is wrong when you go to >> any site but the first one. >> >> As far as finding the offending image: Go to the page in your >> browser, right click on the page and choose view source (or a >> similar option). Then search in the source for http:// >> That should let you find which images are not secure. >> If the URLs are publicly accessible, post them here if you want >> someone to have a specific look (or email me privately if you >> don't want them to be public and I will try to have a look). >> >> - Y >> > Ah ha! You hit it. There are references to social media on the > page that use http (Facebook, LinkedIn and Twitter). Since they > reference a different site will just changing it to https be > sufficient or is there some other workaround? Thanks. > > Thanks. I'll give that a try.
signature.asc
Description: OpenPGP digital signature
