I stumbled upon a somewhat dirty trick: Start your browser and visit: https://robert.accettura.com You'll get that notice that the cert doesn't match the server. It shows with a lock with a line through it... all is good. Now open a new tab, and copy/paste the following URL in: https://robert.accettura.com/gallery You don't get a notification that the cert doesn't match the server *but* it shows the icon as a normal healthy icon. It should still show the icon with a '/' through it, since it's the same site, and same server... they don't match. Screenshots forthcoming.
I can confirm with another way to show the problem. If you get \gallery\ with the slashed icon, do a Ctrl+R (Reload) and the slashed lock will change to the normal one.
The certificate not matching produces the warning, but lock with the slash through doesn't indicate anything about that. The lock with the slash through is because it's a secure page which has content (images) loaded from an insecure location (some of the little buttons for blogshares and stuff). The gallery page is all loaded from the secure server, so it's correct that it has a full lock (and it gets the full lock if you just go straight to it). The difference is between the content of the two pages - it's not the cert. I think this is invalid.
To quote the Mozilla help page: "A broken lock means that some or all of the elements within the page were not protected by encryption when the page was received, even though the outermost HTML page was encrypted." Once you say OK to the domain name mismatch on the certificate, that cert is trusted until the browser is restarted. Marking invalid.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.