I'm the system administrator of the site https://iris.quickfds.com. After setting a wildcard certificate *.quickfds.com for the site, I checked all main browsers.
This site is consider with no mixed content http/https onto all the workstation of my company for ie 10 or firefox 37.
With Chrome 42.0.2311.135 m (64-bit) or (32bit), the site is either with mixed/no mixed contents http/https depending of the station. I tried a full re-installation on the stations stating an unsecure site with no results.
On the stations that shows the site unsecure, we have the following information https://iris.quickfds.com/iris_chrome.png.
As google states at https://support.google.com/chrome/answer/95617?p=ui_security_indicator&rd=1, this means :
"Your connection to the site is encrypted, but Google Chrome has detected mixed content on the page. Be careful if you're entering information on this page. Mixed content can provide a loophole for someone to manipulate the page. This content could be third- party images or ads embedded on the page."
Nevertheless, this is not the case as the first page has no mixed content.
Can you help to diagnose why some stations are having this behavior and others not?
BR
Christian
PS : Sorry for the first phrasing, I was in no mood to write the correct question at that time.
Best Answer
I finally found the reason of "unsecure comminication" which has nothing to do with mixed content.
1st, the yellow warning icon was not set for connection informatio, but for Site identity information. So the question was poorly stated
2nd, The CA store under some stations were using older CA chains that included certificate with SHA-1 signature encryption which is "obsolete" as stated by Google
https://support.google.com/chrome/answer/95617?p=ui_security_indicator&rd=1
"Google Chrome can see the site’s certificate, but the site uses a weak security setup (SHA-1 signatures), so your connection might not be private.
Proceed with caution. These are common mistakes in websites' configurations, but that doesn't guarantee that your connection is secure."