When using an HTTPS connection we are receiving the following warning:
"Your connection is encrypted with 128-bit encryption. However, this
page includes other resources which are not secure."
PROBLEM: We narrowed down the issue to the images on the SSL page. If we paste an SSL URL into a browser, it redirects to a NON-SSL connection.
EX: We paste " https://www.example.com/images/checkout.gif " into a browser and it immediately redirects to " http://www.example.com/images/checkout.gif "
We're running the following server specs:
Server: Windows Server 2003 Web Edition
IIS Version: 6.0
We've checked the configuration settings and everything appears to be fine.
EDIT: We tried this same issue on a local server and the redirection does NOT occur. Using the "HttpFox" firefox plugin we have seen that we receive a 302 redirect from https to http on the production server. When we performed the same test on the local server, the 302 redirect does not happen. Checking the IIS 6 configurations on both servers shows no differences.
Best Answer
More information needed, so it's probably time to break out the difference engine.
Grab the Web Deployment Tool (MSDEPLOY) from microsoft.com, and create a package from the working web server.
Then, do an msdeploy -verb:sync with -whatif to compare the package with the prod server, and reveal differences in configuration.
If there is no difference, they will perform identically. It's not, so there is one, it's just not where you've looked so far.