Mixed-Content Warnings When Using SSL Offloading

Overview

This article provides information on how to troubleshoot mixed-content warnings in the browser developer tools when using SSL offloading, such as:

  • Internet Explorer
    Only secure content is displayed.
  • Firefox
    Firefox has blocked content that isn't secure.
  • Chrome
    This page includes script from unauthenticated sources.

 

Prerequisites

 

Diagnosis

The warnings described above are possibly caused by a secured page (HTTPS), which contains unsecured links (HTTP) to some resources (images, scripts, etc.).

You can check for mixed content warnings by:

  1. In your browser, press F12.
  2. View the console.

Solution

  1. Configure the SSL Offload Header Value as required by your load balancers.

    Examples:
  2. Go to the page to be edited.

  3. Go to Persona Bar > Edit.

  4. In the Edit Bar, click the Page Settings icon.

    Page Settings icon

  5. Go to Advanced > More.

    scr-pbtabs-all-content-pages-advanced-more-e91.png

  6. Under Security, enable Secure Connection.

    Security > Secure Connection

  7. If you see mixed-content errors whenever a pop-up modal is shown on the screen, you need to disable the pop-ups that are requesting HTTP. To do so, navigate to Settings > SQL Console and run the following query:

    UPDATE portalsettings 
    SET    settingvalue = 'False' 
    WHERE  settingname = 'EnablePopups' 

 

Testing

To test that the mixed content warnings are gone:

  1. Access the site, edit a page and access a module's settings.
  2. In your browser, press F12.
  3. View the console.

You should cease to receive any mixed-content warnings.

Comments

0 comments

Please sign in to leave a comment.