# Thursday, August 13, 2009

For those who are not aware, Internet Explorer has a security feature that by default does NOT allow non-secure content (i.e. loaded over HTTP rather than HTTPS) to be displayed on a page that is loaded securely via HTTPS. It is a good feature because, after all, any website that is running securely should be secure in its entirety, not have bits and pieces that are not secure. However, I ran into a problem with our SharePoint site where someone had linked a non-HTTPS RSS feed to be displayed on a site, which caused the error message below to appear every time:

[Screenshot: the error message]

I finally looked into how it can be disabled and found a couple of solutions, but it is important that you judge the value of each method against the security you may be giving up.

  1. Disable this error message altogether (Least Secure)
  2. Utilize IE’s Security Settings to disable the warning for sites you trust or sites on your intranet. (My Choice)

So here’s how to make the changes:

Regardless of Option:

  1. In Internet Explorer click “Tools”.
  2. Click “Internet Options”.
  3. Click the tab titled “Security”.

For Option 1:

  1. Ensure the icon titled “Internet” is selected.
  2. Click the “Custom Level” button.
  3. Scroll about half way down to the section titled “Miscellaneous”.
  4. Find the setting titled “Display mixed content”.
  5. Change the setting to “Enable” (it should currently be set to “Prompt”).
  6. Click “OK” twice and restart IE; the problem should be resolved.

For Option 2:

  1. I would select either the “Intranet” or “Trusted Sites” icons.
    1. For more information regarding the different zones check out: http://support.microsoft.com/kb/174360
  2. For our example we used the Intranet zone, so only our internal systems would ignore non-secure calls.
    1. NOTE: If you call an outside source like RSS, you may end up making these changes for both the Intranet and Trusted Sites zones so that you can add your “trusted” RSS feed to your intranet sites. Then all you have to do is add sites to your Trusted Sites zone one at a time when you find a new one that is not currently in the list.
  3. Click the “Custom Level” button.
  4. Scroll about half way down to the section titled “Miscellaneous”.
  5. Find the setting titled “Display mixed content”.
  6. Change the setting to “Enable” (it should currently be set to “Prompt”).
  7. Click “OK” twice and restart IE; the problem should be resolved.

The only other problem this causes arises in a business environment, where there may be hundreds of computers on which to make this change. Luckily, Group Policy, even in Server 2003, supports setting the intranet zones and the sites for each.
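Before and after rolling the change out, it helps to see which zones actually have “Display mixed content” relaxed. The script below is an added example, not part of the original post. It assumes the standard per-zone registry layout in which URL action `1609` holds this setting (0 = Enable, 1 = Prompt, 3 = Disable), and the function names are hypothetical.

```powershell
# Added example: audit the "Display mixed content" action (1609) per IE security zone.
# Assumptions: standard Internet Settings zone layout; function names are hypothetical.
$ZoneNames = @{ 1 = 'Local intranet'; 2 = 'Trusted sites'; 3 = 'Internet' }
$Meaning   = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }
$Roots = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',          # user preference
    'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones', # user policy
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'  # machine policy
)

function Get-MixedContentSetting {
    foreach ($root in $Roots) {
        foreach ($zone in ($ZoneNames.Keys | Sort-Object)) {
            $key   = Join-Path $root $zone
            $value = $null
            if (Test-Path $key) {
                # A missing value means this source does not configure the action.
                $value = (Get-ItemProperty -Path $key -Name '1609' -ErrorAction SilentlyContinue).'1609'
            }
            [pscustomobject]@{
                Source  = $root
                Zone    = $ZoneNames[$zone]
                Setting = if ($null -eq $value) { 'Not set' } else { $Meaning[[int]$value] }
                # Option 1 from the post (Enable on the Internet zone) is the one to flag.
                Flag    = ($zone -eq 3 -and $value -eq 0)
            }
        }
    }
}

function Set-IntranetMixedContent {
    # Option 2: enable mixed content for the Local intranet zone (1) only, current user.
    [CmdletBinding(SupportsShouldProcess)]
    param()
    $key = Join-Path $Roots[0] '1'
    if ($PSCmdlet.ShouldProcess($key, 'Set 1609 = 0 (Enable)')) {
        Set-ItemProperty -Path $key -Name '1609' -Value 0 -Type DWord
    }
}

Get-MixedContentSetting | Format-Table -AutoSize
```

Run `Set-IntranetMixedContent -WhatIf` first to preview the change. Any row with `Flag` set to `True` means the Internet zone has the warning disabled altogether (Option 1).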

Good Luck!

-Brent

Posted on Thursday, August 13, 2009 8:52:00 PM (Eastern Daylight Time, UTC-04:00)