Mixed content Error after SSL installation

Article Details
URL: http://www.mochasupport.com/kayako/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=754
Article ID: 754
Created On: 13 Feb 2017 06:33 AM

Answer Once your SSL certificate is installed, you need to make sure that all of the pages that will be displayed behind the SSL (using https:// protocol), are secure and no insecure content is being requested throughout your pages. Without taking the necessary actions as outlined below, most of the web browser will still show your website as being insecure, despite having an actual SSL in place.
 
For a secure, HTTPS connection to be established, every item on the page must be served from a secure source. This means all embedded images, videos, flash movies, iframes and Java scripts must be served from a secure location. If any items are not, then website visitors will see an error message similar to this:

Firefox


Google Chrome


This is the most common issue of all SSL errors, but is also one of the easiest to fix.


For example, <img src="https://images.mydomain.com/image.png" alt="" >


For example, instead of src=“http://mydomain.com/my-script.js“, use scr=“/my-script.js“.

Then, if your main page is accessed over HTTPS, the browser will also load /my-script.js over HTTPS. This technique is also very useful if your page references external content that is explicitly server over HTTP (YouTube or Google Analytics, for example).



WordPress plugin:

If you are using WordPress you can use the following plugin to help you deal with mixed content errors

https://wordpress.org/plugins/really-simple-ssl/

You can check your application vendor for any modules/tools which can help you easily fix insecure content.