Skip to Content
0

(no) SSL Encreyption on some blog? -> Yellow Lock in Browser

Feb 03, 2017 at 10:44 AM

272

avatar image

Usually SAP-Blogs have a nice green lock on them -> SSL encryption stuff, nice and secure, everything fine:

But today I saw one where there's a Yellow lock: https://blogs.sap.com/2015/02/24/uture-of-community-and-one-digital-experience/

-> something embedded that’s not so well encrypted, not so fine....

(Screenshots from Chrome)

Why is that? (Go technical, if you want!) And: Can/should that be fixed?

best

Joachim

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Best Answer
Joachim Rees Sep 20, 2017 at 09:43 AM
0

Well, it seems fine now! (I no more get a yellow lock for the blog I mentioned).

*accept*

Share
10 |10000 characters needed characters left characters exceeded
Vadim Kalinin Feb 03, 2017 at 11:39 AM
3

Looks like emoticons :)

"http://scn.sap.com/111/images/emoticons/grin.gif"

Not encrypted :) No more secret emoticons...

Show 10 Share
10 |10000 characters needed characters left characters exceeded

OK, understood. As far as I can tell those links are not working anyway, so they could as well be removed....

I'll raise an alert on that blog, pointing to this question....

0

I honestly don't know what to say about this one. Let me see what I can find out...

0

Thanks Jerry! Maybe to clarify: it doesn’t hurt me at all, to get that yellow lock. However, it gives a bad impression. ( -> it seems unsecure to the user and that's what the browser says as well).

Also: telling users something like "well, you will get that browser message saying "not secure" but that's ok/ignore it/ click it away!"* is an idea I don't like, as it educates people NOT to care for security, while what we(internet community / society) need is the opposite!

So it’s not a bug, but more of an image-problem (nice pun here!) ;-)

*Sometimes I see this (not here, other places) when self-signed certificates or used.

best

Joachim

1

Hi, Joachim:

We've opened as a prioritized bug. The explanation I got from IT: "Bottom line the reason is that images (smileys) of that post are loaded via http and not via https and therefore not the full content is https/ssl any more."

I could seek more details if you wish, but IT is working to resolve.

Best regards,

--Jerry

1

While the IT are looking into the issue, specific for blogs display - the same situation we have for tagged pages: https://www.sap.com/community/tag.html?id=209057551571413566377230676804921&tag=type:question

The reason is, that the links to the avatars of the forum members are also http.

0

Thanks, Veselina. I'll pass that along as well.

0

I go to same page through

http://www.sap.com/community/topic/erp-sd/all-content.html

All looks OK?

0
Show more comments

Update: "A moderator did not agree to your alert for Future of Community and One Digital Experience (2 days ago)"

0