: How can I make a browser trust my SSL certificate when I request resources from an external server? I have installed an SSL certificate on one of my domains and it works perfectly, but on
I have installed an SSL certificate on one of my domains and it works perfectly, but on some pages I include a Google Font, which causes my certificate icon to change in:
instead of:
The reason, according to Google Chrome (translated with Google Translate):
Your connection to xxxxxx is encrypted with 128-bit encryption. This page includes other resources which are not secure. These resources can be viewed by others while in transit and can be modified to fit.
So how can I make the browser 'trust' my SSL certificate, even though I request an external resource from Google Fonts?
And also, does it matter that I use links like these:
<link rel='stylesheet' id='et-shortcodes-css-css' href='https://xxxxxx/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css?ver=3.0' type='text/css' media='all' />
instead of
<link rel='stylesheet' id='et-shortcodes-css-css' href='wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css?ver=3.0' type='text/css' media='all' />
Thanks!
More posts by @Chiappetta492
4 Comments
Sorted by latest first Latest Oldest Best
To improve user's security, Google has recently announced that it has quit support for SHA-1 (128 bit) signature algorithm, that means it will not consider site that is encrypted with SHA-1.
To solve this error you need to contact your Certificate authority and ask for reissue your SSL certificate with SHA-2 (> 256 bit) encryption algorithm.
SHA-2 algorithm is compatible with compatible with updated version of Google Chrome.
After installing SSL with SHA-2 encryption algorithm you can see your Website with Green address bar.
You can put // in front of your hrefs, that way it will use the same protocol as the requesting page.
You should use `href="/wp-content/themes/Divi/epanel/shortcodes/css/shortcodes.css" in your HTML code.
Then you should make sure that you use form URLs in your CSS file for the URLs to any external resources.
Try to use https to fetch resources not located on your server. If it does not work (or if https is not supported), try to move the Google font file (css and woff) on your website server rather than fetching them from Google Font itself (ditto for other external resources).
Regarding explicitly using https for resources located on your server, it is not necessary.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.