SSL and iFrames

Does anyone know of any conflicts with iframes and SSL certificates? I have my SSL site set up as best I know for compliance, but I'm still getting errors about it. This is somewhat urgent so the quicker the better. Thanks so much.

If you want to see the page, it's at https://www.njoynow.com. (NSFW) The splash page works fine with the SSL, however the home.php in the next does now.

 

I don't get the relation between iframe and ssl ?
I just see a Not Found error for the page http://www.njoynow.com/site/contents.html that is really missing !
So what is the issue with ssl ?

 

I receive a "Connection partially encrypted" message on your homepage.

Get rid of the iframe by replacing it with the following code:

<div style="width: 500px; height: 150px; overflow: auto;">Your terms here.</div>

Code (markup):

Div scrollers will be automatically added if required, just like with an iframe. But you won't need to create a separate page to put in the iframe. It's the better way of doing things.

 

Right Clive. If I designed the site originally, that's how it would have been done. When I was first hired onto this job, the entire site was all images, no text at all, so I've done a lot of MAJOR improvements, but until we step into our next phase, the iframe has to stay unfortunately. I guess there is a correlation between the two, I'll try to figure out a way around it for the time being I guess.

 

Right, there are other errors that are breaking the SSL lock on your homepage.

Like for instance

<img src=http://www.njoynow.com/site/images/straight.jpg border=0>

Code (markup):

Chould be changed to

<img src=https://www.njoynow.com/site/images/straight.jpg border=0>

Code (markup):

By rule, all page elements should be loaded using the SSL connection, therefore all images, javascript, css stylesheets location should be called using https://.

 

Allright. Thanks Clive.

 

I see no updates on your site, still having issues?

 

I won't be in the office until monday, so no updates till then. I'm posting this from home.

 

Ok, I think I figured out our issue. We are using Google Analytics as one stat program... but we were not using the SSL version, so I've changed to that and so far it's working well, we will see if I run into any other troubles.

 

Yep, good to see it working. Anyway, remember that a page running a SSL lock should not make any calls to unencrypted content, be it javascript or CSS stylesheets or anything else, or it will cause the secure connection to break.

 

Allright, thanks again for all the help Clive!