17 August 2018

Testing HTTPS

I ended a recent post, Activating HTTPS, with an action:-

When I click on one of my links in the top half, the next page reverts to HTTP, but I can activate HTTPS by simply changing the URL. Subsequent pages retain HTTPS unless they are loaded from a different directory. My domain host tells me I need to 'Create a 301 Redirect to Enforce your SSL certificate'.

I followed the instructions to implement this (HINT: .htaccess) and almost everything looked good. I had one issue with image files, so I decided to test using an image in a blog post.

This is a recent image found on eBay, where the description said,

A. Kindler (1833-76) German • Framed 1874 Oil Canvas Painting, 'Men Playing Chess' • Dimensions of Canvas: 28" x 22"

Now let's see if it works correctly.

***

Later: Indeed it did work. The image appears and is loaded with the correct 'HTTPS' transfer protocol. Once I verified that everything looked good, I went back to the previous post, 'Activating HTTPS', with the idea of corrrecting the image protocol used in that post. Before changing anything, I looked at 'Preview' and received the familiar message:-

This page contains HTTP resources which may cause mixed content affecting security and user experience if blog is viewed over HTTPS.

Fix • Dismiss • Learn more

'Fix' immediately closed the edit session. When I reopened it, I discovered that the image 'HTTP' had been changed to 'HTTPS'. When I looked at the blog post, the image was loaded with 'HTTPS'. [NB: 'Learn more' goes to Fix mixed content on your blog (support.google.com).] Of course, I'm not going back to all 2700+ old posts on this blog (plus my three other blogs) to change the image protocol. Instead, I have a number of other tasks to perform:-

  • Investigate why the security certificate (issued by Let's Encrypt 'Free SSL/TLS Certificates') is only valid for three months, to 15 October 2018.
  • Examine the impact on the site's stat logs.
  • Flag the HTTPS change to Google search.

I suspect that last part will be done automagically, but I would like to be sure.

Posted by Mark Weeks at 8/17/2018 03:59:00 PM

Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)