1

I have the pem file installed in a HTML directory. Although all of the files are in the HTML directory with the pem file, I still get the SSL warning from browsers saying "this page includes other resources which are not secure" even though I don't have any other resources. All the files are inside HTML, including images. What is causing that error to be displayed?

Also, it's not a problem on IE or Firefox. Only Chrome displays a warning saying that the page is not secure.

This problem disappeared after I restarted the browser. It now shows the correct SSL symbol. Perhaps it was a browser bug.

Andrew Schulman
  • 8,561
  • 21
  • 31
  • 47
netrox
  • 161
  • 6
  • Why is your PEM file *in* the html directory? It's not wrong as such, but this has nothing to do with the content to serve, rather it is a matter of TLS/SSL stack configuration (part of the server configuration, which will depend on the server you use). – Bruno Sep 14 '10 at 14:02
  • Where is the best place for pem to be placed? I always thought it has to be in the same folder where the files are being accessed. – netrox Sep 14 '10 at 19:45

1 Answers1

2

Please put your update as an answer and accept it as correct :)

Besides the bug you answered with, the other time that happens is when accessing content within the page not using HTTPS. The warning isn't about the location of the files on the server. Only put files you want web-accessible in the directory; that includes your certificates.

For example, if you access a page using https:// but in your HTML you have img tags with a src using http:// (src="http://") then you'll get that mixed content warning.

Rob Olmos
  • 2,220
  • 1
  • 15
  • 25