- This topic has 1 reply, 2 voices, and was last updated 8 years, 11 months ago by
.
-
Posts
-
I have the Wp eMember plugin connected through Clickbank, I had to put the Instant Notification URL without https because wasn’t verified with [https://www.depressionhelpfast.org/?emember_paypal_ipn=1]
So I put [http://www.depressionhelpfast.org/?emember_paypal_ipn=1] and was verified. but then,
When I go to make a purchase The browser is getting the next pop-up error:
“This is a non-secure form.
This form will be sent in a way that is not secure. Are you sure you want to send it?”
This is my url address and I can see the green padlock enable:
[https://www.depressionhelpfast.org]
What should I do to avoid this insecure error??
Thanks in advance
You are using an open source (I.e. “free”) SSL certificate. The CA for LetsEncrypt.org, the Internet Security Research Group (ISRG), operates a root CA server that is not recognized by any major browsers.
- https://letsencrypt.org/certificates
- https://community.letsencrypt.org/t/which-browsers-and-operating-systems-support-lets-encrypt/4394
That is why you are getting the “non-secure form” pop up from your browser.
As a security professional, I believe it unlikely the ISRG will be considered a Trusted CA anytime soon; because it raises “self certification” issues. That is why you were getting the “not verified” error from ClickBank.
I’m quite certain you would not have problems if you paid for a proper, non open source, SSL certificate.
Why do you want to use SSL for your site? You do not appear to be practicing medicine, via your site, so it does not need to be HIPAA compliant.
One more thing… my browser reports “This page is trying to load scripts from unauthenticated sources.”
- https://letsencrypt.org/certificates
- You must be logged in to reply to this topic.