3

I'm facing a problem with an Extended Validation SSL certificate that displays correctly (the green bar with the Organization name and Country code) on all pages except the index of my DocumentRoot.

Permissions and directives on the web server are the same for all the site but for some strange reason the EV bar is shown for almost a second and then it hides. It keeps the communication encrypted between the server and browser but the address bar is shown as a level 1 ssl cert instead of EV (Level 3)

The same behavior on firefox/chrome/IE.

I'm using Apache/2.2.16 (Debian) and libssl0.9.8 and the main site is under Joomla 1.5 CMS (I know it's pretty old).

I already change to 1 the force_ssl value on joomla's configuration.php file but the result is the same since it's not an encryption issue.

Jorge V.
  • 292
  • 1
  • 4
  • 12
  • Does that page load resources from any domains other than the one the user's accessing? – Shane Madden Dec 22 '12 at 19:52
  • I'm just running one domain/vhost on this server – Jorge V. Dec 24 '12 at 03:05
  • 1
    That's not what I was asking. Pages often load resources from external domains - Google analytics, CDNs for static content, etc. Does your home page load any resources from a different domain? – Shane Madden Dec 24 '12 at 05:05
  • Sorry, I misunderstood the question. Your suggestion helped me to solve my issue. I'm answering the question. – Jorge V. Dec 24 '12 at 08:25

1 Answers1

1

The main page source code contained an iframe for another domain accessing content over http instead of https.

I removed the iframe an now the EV cert is being shown as it should. I guess it was related to the fact that not all the content was sent encrypted.

Shane's question pointed me to the answer.

Community
  • 1
Jorge V.
  • 292
  • 1
  • 4
  • 12