SSL not showing green lock? Here’s some things to try.

Recently we did a certificate request with an IIS server and loaded the received certificates under Enterprise Trust and imported the certificate into IIS.

When we visited the website, we noticed that the newly loaded server did not present a green lock but instead loaded a

  • Visit Why No Padlock? https://www.whynopadlock.com/index.html
  • Visit Comodo’s SSL Analyzer
  • Double check your code of your website to make sure that images and links have https
  • Use relative links and not absolute
    • Example – Don’t use Use
  • Use IISCrypto.exe from Nartac Software to disable vulnerable encryption methods that may show up on the above websites

Here’s something that will help you – We followed all of the advice above and still received the Not Secure favicon and not the green lock Lock we wanted.

Although the site is encrypted, the green lock missing creates a feeling of not being secure.

Seeking more information, we found that if you hit Ctrl-Shift-j in Chrome, you could see what was not secure.   We found that our customized 404 error was pointing to our IP and using http.

ctrlshiftj

To fix this, we opened IIS and changed the unsecured reference to our 404 error to https and the FQDN (web address).

404

Running Ctrl-Shift-j again after visiting the site, it then showed no errors.

ssl done

Be sure to read A Cipher Best Practice: Configure IIS for SSL/TLS Protocol over at Petri and take a look at SChannel information at Microsoft

Advertisements

About TCAT Shelbyville IT Department

The Tennessee College of Applied Technology - is one of 46 institutions in the Tennessee Board of Regents System, the seventh largest system of higher education in the nation. This system comprises six universities, fourteen community colleges, and twenty-six Applied Technology Colleges.
This entry was posted in Computer Security, Education, help desk, Information Technology, internet security;, Microsoft, Microsoft Windows, network, Networking, Technology, troubleshooting, Windows, Windows Security, Windows Server and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s