Knowledgebase: SSL
Why isn't my Site's padlock green or doesn't have green address bar ?

 

Reason and Solution:

If you want the SSL Padlock on your website to look fully green and perfect, then you will have to follow the security standards given by the browsers your customers mostly visit using. As it happens, Internet Explorer, Chrome, Firefox are the most commonly used browsers by the world. These browsers show the padlock of an website in their own unique way and also the warning messages associated with them.

 

# Chrome says, “Your connection to example.com is encrypted with obsolete cryptography.”. There are two reasons for this message to show up:

1. TLS

The warning message will appear if TLS 1.2+ is not supported.

2. Cipher Suites

The warning message will also appear if insecure cipher suites (e.g., RC4) are enabled.

To Fix Obsolete Cryptography issue, enable support for TLS 1.2+ and also secure cipher suites (AES_128_GCM). If you are using deprecated cipher suites for backwards compatibility then you need to prioritize AES_128_GCM over the other cipher suites (i.e simply move GCM cipher suites to the top of of your cipher suite list). Other cipher suites are known to have weaknesses. Most servers will wish to negotiate TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.


Use our SSL Analyzer to discover which cipher suites you have enabled on your server.


# Firefox and Chrome says your website's connection is not secure and some parts of this webpage are insecure. You see this message because your website contains insecure URL's. For example,

 Line 5 <link rel="canonical" href="http://technet.microsoft.com/en-us/library/cc731000.aspx"/>
 Line 38 <form action="http://www.example.com/login.php" method="post" role="form">
 Line 256 <script type="text/javascript" src="http://tags.example.com/tags.js"></script>

So, you need to find such lines of code in your website and change the protocol of the URL from HTTP to 'HTTPS'. To find the insecure URL's on Google Chrome, follow the below instructions.

 

1. While on your website in Chrome, simply press F12 (or) Click the padlock icon and the open 'Details'. It will open a window like following,

 

2. Click 'View requests in Network Panel', the next page will ask you to 'Press F5'. Do it and wait for Chrome to find the insecure URL's on your website !

 

 

3. Now that you have found the insecure URL's, find the corresponding lines of code on your website and change the URL to use 'HTTPS'. If you have changed all the URL's to use 'HTTPS', then you will see the change just like the below screenshot.

 

 

The below website will also help you find such insecure URL's easily,

Why No Padlock?

 

A small tip from our team : Use Mozilla's SSL Configuration Generator to get a perfect and secure configuration.

 

REFERENCE:

Firefox:  https://wiki.mozilla.org/Security/Server_Side_TLS#Prioritization_logic

Chrome: https://www.chromium.org/Home/chromium-security/education/tls#TOC-Obsolete-Cipher-Suites

 

RELATED ARTICLES:

 

  • Firefox:

How do I tell if my connection to a website is secure?

Mixed content blocking in Firefox

  • Chrome:

Check Chrome's connection to a site

Mixed content

    

See Also: Why does Secure Padlock disappear in IE 5.5 or above?

 

(1631 vote(s))
Helpful
Not helpful
Comments (0)