#3303 Some browsers report an insecure https connection
I am running phpMyAdmin on https with a SSL serctificate. After upgrading to phpMyAdmin 3.4.0, the front page and most subpages gives "Insecure connection" in Opera Webbrowser. However the connection is "Secure" when browsing the actuall databases pages, but on front page and main menu pages, it gives "Insecure contection". In other browsers this does not happen.
I do not have these problems with https and Opera in phpMyAdmin 3.3.10 or older, only the newest phpMyAdmin version 3.4.0
I am using the newest Opera webbrowser version 11.10 on Windows 7. The problem happens on both the "Original" and the "pmahomme" theme. I did test in Firefox, and did not have this problem in that browser.
Server information: CentOS 5.6 64bit, Apache 2.2.18, MySQL 5.1.57, php 5.2.17
Please see attached screenshot from Opera webbrowser.
Opera 11.10 showing Insecure connection on front page of phpMyAdmin 3.4.0
Are you sure that the first URL you type in Opera to access phpMyAdmin contains the exact domain name that is related to the certificate?
Yes, I am absolutely sure about that. Also I can provide access to phpMyAdmin on a test databse, so you can test it your self. Please let me know if you want that. Maybe send me a email for log in details?
Did you try with Internet Explorer and Chrome on your Windows 7 machine? If all browsers work correctly except Opera, I wonder what the phpMyAdmin team can do about it...
As I say, it does not have any problems in phpMyAdmin 3.3.10 or older, the problem is introduced in phpMyAdmin 3.4.0
Newest Opera browser does not have any problems on phpMyAdmin 3.3.10 - so the problem is introudeced by changes in phpMyAdmin 3.4.0
Update: I have tested more browsers: Both Internet Explorer 9 and Safari 5.05 have the same problem. Please see new attachment from Internet Explorer 9. To see the problem in Safari, you look at the the right in the adress field, and you will see the padlock is missing. Browse into a database, and you can see the padlock - in Safari the padlock is only visible on pages that is encrypted.
Update: I have now tested in newest version of Google Chrome, and Google Chrome has the same problem. So SSL does not work in Google Chrome, Opera and Safari.
Google Chrome 11.0.696.68
The exact message I get in Chrome is that this page includes other resources that are not secure. Indeed we now access http://www.phpmyadmin.net for a version check.
Please try again by setting $cfg['VersionCheck'] to false.
Thanks. Setting $cfg['VersionCheck'] = false; fixes the problem with insecure connection. But for future, please change the cersion check so that it is connection to a secure server.
Yes, we are discussing about this on the phpmyadmin-devel list.
Workaround for 3.4.1: no version check when https present in URL.
I only got this message under Chrome when I have the "Update check" on, and when there is an update. If I switch it off then it's okay. I checked the generated HTML, and it loads some info using http (rather than https) from the phpMyAdmin site for the version number.
Ah.. Never mind.. Been reading with my eyes in my pockets ;-) Ignore my remarks please.
The workaround put in version 3.4.1 should be enough.
After upgrading from version 3.5.0 to version 3.5.1 the problem is back. I have only tested in Opera browser. However, no matter what the browser report, the connection is not secure. The problem is with the version check. When I add the following line to config.inc.php the problem is fixed, and the connection is secure:
$cfg['VersionCheck'] = false;
Please revert the change so that there is no version check if using https, so that the connection is secure. The problem did not exist in version 3.5.0, but exist in version 3.5.1
What about version 3.5.4?
The problem still exist in version 3.5.4, and my browser (Opera) report that the front page in phpMyAdmin has a innsecure connection. However I fix the problem by adding this line to config.inc.php:
$cfg['VersionCheck'] = false;
Should be fixed in 3.5.5.