Users running a non-download version of Vanilla (pulled from github), on branch release/2019.016 or master from the last 2 weeks should upgrade to release/2019.017 or latest master for security reasons. Downloaded official open sources releases are not affected.
Please upgrade here. These earlier versions are no longer being updated and have security issues.

<Embed> Vanilla Behind https:// [SSL]

edited October 2012 in Vanilla 2.0 - 2.8

Hi guys, when trying to embed Vanilla on a site that is using SSL it seems that the Forum wont show. Could anyone share some light here if they have faced the same challenge and found a solution.


  • No problem with it. Must be your server settings relating to SSL.

  • No, im sure there is a relation. When checking for errors in chrome you get the following:

    "[blocked] The page at https://www.[Remote Url to Forum] ran insecure content from http://[mydomain original none secure domain]/forum/plugins/embedvanilla/remote.js."

    So clearly there is an issue of some sort here.
    Strangely enough, this seems to only affect Chrome.

  • AnonymooseAnonymoose ✭✭
    edited October 2012

    Different browsers interact with SSL servers differently. Check your server's SSL setup, check your certificates. Self signed? Might give errors in certain cases. Vanilla itself doesn't deal with SSL, it is something that the server handles.

  • You're serving a page with "mixed content". The SSL certificate on the site in which Vanilla is being embedded doesn't match the embedded Vanilla site, and so Chrome is correctly warning you that the SSL certificate doesn't match all the page's content.

    This has absolutely nothing to do with Vanilla, and everything to do with the fact that you're embedding insecure, unverifiable (from the SSL connection's point of view) content inside a secure web page.

Sign In or Register to comment.