Since Firefox 36.0 shows grey exclamation mark on https connection
Hello,
before FF 36.0 everything worked fine. Since FF 36.0 Firefox indicates my connection with a grey exclamation mark. IE 11, Chrome 40.0.2214.115 m are showing SSL/TLS connection as fine. There are no images or anything else without https loaded. It's an GeoTrust QuickSSL Premium Certificate.
الحل المُختار
Hello,
if I remove the smarticon site seal everything is fine. GeoTrust's ceritificate of the smarticon site seal uses RC4. They're on this now to fix it. I hope they get it soon.
Read this answer in context 👍 1All Replies (10)
Hello,
it seems the site seal logo (smarticon) from geotrust is not compatibel with FF 36.0.
If I remove the site seal logo everything is fine.
Sometimes the mixed display content warning can be caused by a glitch in Firefox's cache. In that case, reloading the page using Ctrl+Shift+r should clear the problem, at least temporarily.
If the problem persists, can you open Firefox's Web Console (Ctrl+Shift+k) and then reload the page and see what file is being retrieved over HTTP instead of HTTPS? If the main Console tab is too cluttered, you can switch to the Network tab and reload again.
Hello,
there are no items loaded over http. The smarticon site seal logo from geotrust.com has a sha-1 certificate.
If no items are loaded over HTTP, then Firefox should display the normal padlock.
If you open the Browser Console (Ctrl+Shift+j) and type mix into the filter box at the upper right, can you find any references to a mixed content issue? In English, the message reads:
"Loading mixed (insecure) display content on a secure page"
followed by the URL, and it has a red triangle at the left end (the third line in the attached image).
الحل المُختار
Hello,
if I remove the smarticon site seal everything is fine. GeoTrust's ceritificate of the smarticon site seal uses RC4. They're on this now to fix it. I hope they get it soon.
Thank you for the additional info on SHA-1 & RC4, I wasn't aware of this new wrinkle in the mixed content icon.
Same problem here.
I found another way to embed the seal. <script type="text/javascript" src="https://seal.geotrust.com/getgeotrustsslseal?host_name=www.domain.com&size=S&lang=en"></script> instead of <SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript" SRC="//smarticon.geotrust.com/si.js"></SCRIPT>
found it on Geotrust
Hello,
this seal seems not to be valid with QuickSSL Premium certificate!
for True BusinessID with EV it works perfect. Have you replaced your domain in the script host_name=www.domain.com?
Sure,
nothing will be displayed.
https://www.geotrust.com/ssl/ssl-site-seals/
It depends on your certificate which code/seal works.