Results 1 to 2 of 2

Thread: [SOLVED] HTTP/HTTPS strange behavior on different systems and browsers

  1. #1
    Join Date
    Sep 2008
    Location
    Latvia
    Posts
    165
    Rep Power
    7

    Exclamation [SOLVED] HTTP/HTTPS strange behavior on different systems and browsers

    Hi, I recently made an upgrade from 5.0.18 -> 6.0.1 and added test SSL certificate from Comodo. I deployed SSL certificate on our Reverse Proxy servers (for load balancing). Communications after RP serversa to Zimbra mailbox are made on HTTPS too, but only with self signed certificate. Everything seems to work fine, except some items:

    * Firefox 3.5.3 on Mac OS X - no problem;
    * Win XP IE8 - all pages are encrypted (the lock in address bar is ok), but on first opening (after login) IE informs about situation, that there are non https items on page to load, which is strange, because all the way arround we use SSL and HTTPS, including Zimbra protocol configuration;
    * Win XP Firefox 3.5.3 - working, but only it says, that traffic is encrypted only on login page. After successfull login, system stays on https url, but informs user, that traffic is not encrypted on this site.

    Does somebody experience similar & what could be your ideas on problem root?

    Real login URL and certificate is tied to Reverse Proxy (Apache) virtual host, but mailbox hostname is different. Before have not noticed such things.

  2. #2
    Join Date
    Sep 2008
    Location
    Latvia
    Posts
    165
    Rep Power
    7

    Default

    To close this issue as solved, if anybody is looking for the same:

    This situation happens, when you deploy zimlets, which use external services via http, or your user opens e-mail message, which has embedded content, like images, downloaded from external http site. This is notice about the fact, that only part of information is encrypted, still keeping your connection to ZCS server under https. To be more sure, please use Firefox Firebug extension in Net folder, to go through all resources ZCS loads on page, to catch out those, which are loaded via pure http (without https), to deal with this issue further.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •