I hate Miva, yes I do...
December 13, 2005 11:14 AM Subscribe
Miva Merchant 4.0 and security certificates...why don't IE customers see the darned lock?
My client has a Miva 4.0 store. They have a thawte security certificate and linkpoint payment gateway as their payment system. All of these things are set up correctly in accordance with the documentation. When using the store with Safari, the little lock shows up just fine in the upper right corner while on secure pages like checkout. However in IE there's no lock (even though the address starts with https and everything is set up correctly). What can I do to even troubleshoot this? This is not my area of expertise and I feel like I've exhausted my research-fu. I've spoken with the web host, the security certificate people...the last option is Miva support but they charge $399 per year minimum, which I would like to avoid. Help, I am being driven slowly insane by this problem!
My client has a Miva 4.0 store. They have a thawte security certificate and linkpoint payment gateway as their payment system. All of these things are set up correctly in accordance with the documentation. When using the store with Safari, the little lock shows up just fine in the upper right corner while on secure pages like checkout. However in IE there's no lock (even though the address starts with https and everything is set up correctly). What can I do to even troubleshoot this? This is not my area of expertise and I feel like I've exhausted my research-fu. I've spoken with the web host, the security certificate people...the last option is Miva support but they charge $399 per year minimum, which I would like to avoid. Help, I am being driven slowly insane by this problem!
Response by poster: it's l u c i n d a dot com, click either of the stores at the bottom to access the Miva side of the site. thanks!
posted by miss tea at 11:34 AM on December 13, 2005
posted by miss tea at 11:34 AM on December 13, 2005
Best answer: mozilla doesn't like it either (shows the padlock with a line through it in firefox 1.5). when i look at the security pop-up in firefox it says "Parts of the page you are viewing were not encrypted..." and looking at the source both your stylesheets and images are being loaded via http.
loading it in ie it sems that the certificate is fine - the connection for the main page is secure ok and the ca chain checks out.
so i think your problem is that you need to make sure that all your content is loaded via https. i can't find confirmation that this is the problem, but it makes sense - you can imagine someone changing the images/stylesheet to change the meaning of the site, so it would be wrong of the browser to say it is secure.
ah here you go - that confirms it and suggests the easiest way is to make all image and stylesheet links relative, then they will load correctly for both http and https connections.
posted by andrew cooke at 11:51 AM on December 13, 2005
loading it in ie it sems that the certificate is fine - the connection for the main page is secure ok and the ca chain checks out.
so i think your problem is that you need to make sure that all your content is loaded via https. i can't find confirmation that this is the problem, but it makes sense - you can imagine someone changing the images/stylesheet to change the meaning of the site, so it would be wrong of the browser to say it is secure.
ah here you go - that confirms it and suggests the easiest way is to make all image and stylesheet links relative, then they will load correctly for both http and https connections.
posted by andrew cooke at 11:51 AM on December 13, 2005
miss tea - I used to work for Miva as support engineer. I remember that this question came up VERY frequently. So frequently in fact, that it was part of the FAQ. :)
In the future, I'd suggest consulting the FAQ, or the users groups. andrew cooke nailed the problem, but I just wanted to point out these resources to you in case you weren't aware. Also, keep in mind that this wasn't a problem with Miva Merchant. You would get this message anytime you explicity load content via http when accessing a page via https.
posted by woj at 3:25 PM on December 13, 2005
In the future, I'd suggest consulting the FAQ, or the users groups. andrew cooke nailed the problem, but I just wanted to point out these resources to you in case you weren't aware. Also, keep in mind that this wasn't a problem with Miva Merchant. You would get this message anytime you explicity load content via http when accessing a page via https.
posted by woj at 3:25 PM on December 13, 2005
This thread is closed to new comments.
posted by andrew cooke at 11:18 AM on December 13, 2005