Default template all content not secure in login page (network solutions host)

[jpietrowiak]

I installed a bran new site with zen 1.3.9h. When I click on the login page internet explorer says "only secure content is displayed and gives me a choice to display all. It looks like the CSS files are not loading up on https. I don't want the customer to see a mostly white page when logging in. Any idea why this is happening?

I am troubleshooting my current site for this error and tried putting a default zen installation to see if same thing happens. I thought this did not happen before.

FYI I recently moved hosts to network solutions a couple weeks ago and typically used firefox which I don't see this warning. They also had some server issues as well in the last week. I have been on tech support several times and they tell me there is nothing wrong with the SSL.

Thanks for any help you may provide

[DrByte]

FYI I recently moved hosts to network solutions

Therein lies your problem.
The SSL that netsol gives has never worked with Zen Cart, despite valient efforts by Zen Cart to convince them that they're almost the only hosting company that can't make SSL work to any conventional standard.

To see it for yourself, try this ssltest script, and report back its output:
http://www.zen-cart.com/forum/showpo...87&postcount=4

[jpietrowiak]

Thanks for the quick reply. Here is what my host has

Protocol detected: NONSSL



Array
(
[PATH] => /lib64/rc/sbin:/lib64/rc/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/var/hivedb/:/usr/services/vux/apache/bin
[FCGI_ROLE] => RESPONDER
[SCRIPT_URL] => /ssltest.php
[SCRIPT_URI] => http://example.com/ssltest.php
[DOMAIN_NAME] => example.com
[DOMAIN_PATH] => /data/24/2/43/52/2695867/user/2961109/htdocs/cncstore
[PKEY] => 2695867.2961109
[RAILS_URI] => INVAL
[DOMAIN_USER] => 2695867.2961109
[HTTP_ACCEPT] => text/html, application/xhtml+xml, */*
[HTTP_ACCEPT_ENCODING] => gzip, deflate
[HTTP_ACCEPT_LANGUAGE] => en-us
[HTTP_COOKIE] => zenid=139ed703b0d43e8c282dafe611bfd210; __utma=238792786.449342449.1332941366.1332941366.1332941366.1; __utmb=238792786.1.10.1332941366; __utmc=238792786; __utmz=238792786.1332941366.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
[HTTP_USER_AGENT] => Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)
[HTTP_HOST] => cnc-specialty-store.com
[HTTP_X_FORWARDED_FOR] => 107.8.211.54
[HTTP_X_FORWARDED_HOST] => example.com
[HTTP_X_FORWARDED_SERVER] => example.com
[HTTP_CONNECTION] => Keep-Alive
[SERVER_SIGNATURE] =>
[SERVER_SOFTWARE] => Apache/2.2.22 (Unix) FrontPage/5.0.2.2635
[SERVER_NAME] => example.com
[SERVER_ADDR] => 10.49.33.119
[SERVER_PORT] => 80
[REMOTE_ADDR] => 205.178.182.177
[DOCUMENT_ROOT] => /data/24/2/43/52/2695867/user/2961109/htdocs/cncstore
[SERVER_ADMIN] => [no address given]
[SCRIPT_FILENAME] => /data/24/2/43/52/2695867/user/2961109/htdocs/substore/ssltest.php
[REMOTE_PORT] => 3178
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => GET
[QUERY_STRING] =>
[REQUEST_URI] => /ssltest.php
[SCRIPT_NAME] => /ssltest.php
[PHP_SELF] => /ssltest.php
[REQUEST_TIME] => 1332941465
[argv] => Array
(
)

[argc] => 0
)

[DrByte]

Was that from running it via https: //your_domain.com/ssltest.php or just http:// ... ?

If that was from using an https URL to access the file, then clearly the server isn't showing any evidence of being in SSL mode whatsoever.

[jpietrowiak]

That one above was http:// the one below is https:// which looks like it is also not really SSL


Array
(
[PATH] => /lib64/rc/sbin:/lib64/rc/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
[FCGI_ROLE] => RESPONDER
[SCRIPT_URL] => /ssltest.php
[SCRIPT_URI] => http://example/ssltest.php
[DOMAIN_NAME] => example.com
[DOMAIN_PATH] => /data/24/2/43/52/2695867/user/2961109/htdocs/cncstore
[PKEY] => 2695867.2961109
[RAILS_URI] => INVAL
[DOMAIN_USER] => 2695867.2961109
[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
[HTTP_ACCEPT_ENCODING] => gzip, deflate
[HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5
[HTTP_COOKIE] => zenid=af20f904e66b0e0d33eaba1fe50ea175; __utma=238792786.460847359.1332944971.1332952760.1332958495.4; __utmc=238792786; __utmz=238792786.1332944971.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 6.0; WOW64; rv:11.0) Gecko/20100101 Firefox/11.0
[HTTP_HOST] => cnc-specialty-store.com
[HTTP_X_FORWARDED_FOR] => 107.8.211.00
[HTTP_X_FORWARDED_HOST] => example.com
[HTTP_X_FORWARDED_SERVER] => example.com
[HTTP_CONNECTION] => Keep-Alive
[SERVER_SIGNATURE] =>
[SERVER_SOFTWARE] => Apache/2.2.21 (Unix) FrontPage/5.0.2.2635
[SERVER_NAME] => cnc-specialty-store.com
[SERVER_ADDR] => 10.49.33.144
[SERVER_PORT] => 80
[REMOTE_ADDR] => 205.178.182.177
[DOCUMENT_ROOT] => /data/24/2/43/52/2695867/user/2961109/htdocs/store
[SERVER_ADMIN] => [no address given]
[SCRIPT_FILENAME] => /data/24/2/43/52/2695867/user/2961109/htdocs/store/ssltest.php
[REMOTE_PORT] => 4587
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => GET
[QUERY_STRING] =>
[REQUEST_URI] => /ssltest.php
[SCRIPT_NAME] => /ssltest.php
[PHP_SELF] => /ssltest.php
[REQUEST_TIME] => 1332962010
[argv] => Array
(
)

[argc] => 0
)

[DrByte]

Right. Clearly they're not doing SSL in any conventional way.