Trouble with SSL certificate-only "partially encrypted&

mjarosz · Post by **mjarosz** » Fri Jun 08, 2007 6:22 am

We've had a SSL certificate installed on our cart for about a year now, and there is still a year left before it expires. The cart is hosted on one domain (for which the SSL was purchased), and the site linking to the cart with the actual product pages is on another.

Whenever someone tries to access the cart page in IE, they get a partial encryption message that warns them of leaked information possibilities. There are several scripts installed on the main cart page that call external sites, so I'm not sure if that's what is setting off the partial encryption error, or is a problem with the hosting settings and the certificate itself.

Here's the setup we have currently:
The main site, www.chuckwoolery.com, displays all of the available products and people can add them to the cart from there, which leads to the www.motolures.com domain name. The SSL certificate was purchased for scart.motolures.com, but there isn't anything that's actually located at that subdomain. In the hosting settings in the Shopsite backend, all of the links were the same as before we installed the certificate, with the exception of the HTTPS replacing the HTTP in the SLL area.

What do I need to change to get this to fully encrypted?

-Also, we're using Shopsite Pro 8

mjarosz · Post by **mjarosz** » Fri Jun 08, 2007 6:50 am

mjarosz · Post by **mjarosz** » Fri Jun 08, 2007 9:40 am

Nevermind, it seems to still have issues with IE even though the URL is displaying with a HTTPS.

loren_d_c · Post by **loren_d_c** » Fri Jun 08, 2007 10:52 am

I don't see any errors regarding insecure content, but I do see errors because your SSL certificate is issued for scart.motolures.com and you are trying to use it with www.motolures.com. The SSL cert is only supposed to be used with the exact domain name that it has been issued for, and if you use it with some other domain name it will cause browser warnings, in all web browsers not just IE.

So you should either move the scart.motolures.com domain over to this server and configure all of your ShopSite https:// URLs to use this domain and change all of your OrderAnywhere links (since you are using https:// for them as well) to use this domain, or get your certificate re-issued and re-installed for www.motolures.com, the domain you are currently using in your store.

-Loren

mjarosz · Post by **mjarosz** » Mon Jun 11, 2007 6:16 am

loren_d_c wrote:I don't see any errors regarding insecure content, but I do see errors because your SSL certificate is issued for scart.motolures.com and you are trying to use it with www.motolures.com. The SSL cert is only supposed to be used with the exact domain name that it has been issued for, and if you use it with some other domain name it will cause browser warnings, in all web browsers not just IE.

So you should either move the scart.motolures.com domain over to this server and configure all of your ShopSite https:// URLs to use this domain and change all of your OrderAnywhere links (since you are using https:// for them as well) to use this domain, or get your certificate re-issued and re-installed for www.motolures.com, the domain you are currently using in your store.

-Loren

What do you mean by "move the scart.motolures.com domain over to this server?" Do you mean simply creating a subdomain called scart and having that redirected to the store main page?