See What was done to convert from http to https?

e3s Example

Under Firefox, the https://www.e3s-center.org/research/rsh-themes-proj.htm page was showing a triangle next to the URL.

Under Firefox

  1. Go to https://www.e3s-center.org/research/rsh-themes-proj.htm
  2. Tools -> Web Developer -> Toggle Tools
  3. In the console at the bottom, be sure that Security is enabled.
  4. Click on reload
  5. The following appears:
  6. Using Tools -> Web Developer -> View Source, we see that the URLs include http://www.e3s-center.org: 
    <div class="rshThemeIntroPic">
	<img src="http://www.e3s-center.org/images/research-theme1-intro-img--prelim.png" style="border: 1px solid #aaa;" alt="tunneling FET" />
	<p style="margin-top: 2.5em; padding-top: 0; font-style: italic;">
    The fix is to remove http://www.e3s-center.org.

TerraSwarm example

In Firefox, sites like https://www.terraswarm.org are having a triangle with an exclamation point next to the URL.

Clicking on the triangle:

Connection Partially Encrypted

Parts of the page you are viewing were not encrypted or the encryption is not strong enough before being transmitted over the Internet.

Information sent over the Internet without encryption can be seen by other people while it is in transit.

Under Firefox

  1. Go to https://www.terraswarm.org
  2. Tools -> Web Developer -> Toggle Tools
  3. In the console at the bottom, be sure that Security is enabled.
  4. Click on reload
  5. The following appears:
There are two problems: SHA-1 and favicon

SHA-1

The short answer is that SHA-1 is not very secure. https://developer.mozilla.org/en-US/docs/Security/Weak_Signature_Algorithm has a link to https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/ that talks about phasing out SHA-1.

https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/973/102/important-change-announcement---deprecation-of-sha-1 discusses phasing out as well.

The solution here is to get new certs, see Multi-domain SSL Certificates.

We obtained new certs, so this problem should not reoccur. If it does, contact Christopher.

favicon

A more typical failure is that the page has an absolute link to an image using http. See Why should I use URLs without the http://? for details.

In this case, the html that was causing the problem was created by a PhP script in ~www/php on moog.

For newer sites, edit /home/www/php/ucb/layout/html.inc.php and change:

    echo '                  
     <link rel="shortcut icon" href="http://' . $_SERVER['SERVER_NAME'] . '/favicon.ico"/>'; 
';
to 
    echo '
      <link rel="shortcut icon"href="/favicon.ico"/>       
';

e3s Example

Under Firefox, the https://www.e3s-center.org/research/rsh-themes-proj.htm page was showing a triangle next to the URL.

Under Firefox

  1. Go to https://www.e3s-center.org/research/rsh-themes-proj.htm
  2. Tools -> Web Developer -> Toggle Tools
  3. In the console at the bottom, be sure that Security is enabled.
  4. Click on reload
  5. The following appears:
  6. Using Tools -> Web Developer -> View Source, we see that the URLs include http://www.e3s-center.org: 
    <div class="rshThemeIntroPic">
	<img src="http://www.e3s-center.org/images/research-theme1-intro-img--prelim.png" style="border: 1px solid #aaa;" alt="tunneling FET" />
	<p style="margin-top: 2.5em; padding-top: 0; font-style: italic;">
    The fix is to remove http://www.e3s-center.org.