motomac Posted January 4, 2015 Posted January 4, 2015 My website is running on HTTPS, and some of my users can't enter the chat because their browsers block insecure content from IPS Chat server (via HTTP). There are only two ways to launch chat on HTTPS: Teach all users every time when they want to enter the chat manually allow loading insecure content Change chat code to work via HTTPS. The first variant is impossible for me, so I tried to make second. I had manually edited chat JS-script adding https:// instead of http://. Most of the errors in console disappeared. But I still get one error: Failed to load resource: net::ERR_INSECURE_RESPONSE As I see, it's because chat server has self-signed SSL certificate https://server05.ips-chat-service.com/ Is it possible to add correct certificate on your chat servers?
Rhett Posted January 4, 2015 Posted January 4, 2015 SSL for chat is not supported at this time, it will be with IPS4 however. To work around this issue now with a full site as SSL (HTTPS) you can remove the chat link in the nav bar, then add a new link for chat in a pop up using http.
Lavo Posted January 4, 2015 Posted January 4, 2015 SSL for chat is not supported at this time, it will be with IPS4 however. I fail to see how this is a client problem that can be solved with a forum upgrade? Surely this is just applying a SSL certificate to the server, there's a whole bunch of wildcard certs you can pick up and install for cheap.
Rhett Posted January 5, 2015 Posted January 5, 2015 I fail to see how this is a client problem that can be solved with a forum upgrade? Surely this is just applying a SSL certificate to the server, there's a whole bunch of wildcard certs you can pick up and install for cheap. It's not as simple as installing a cert, if that was all that was needed it would have been done years ago.As mentioned, ips4 chat will support ssl though. Thank you
Joriz Posted January 19, 2015 Posted January 19, 2015 Looking forward to see IPS4 Chat with SSL. We also modified our url structure in PublicOutput.php to make the chat work via http:// and many other pages via https:// Please notice if you make your forum work via a secure connection (https://) that visitors in most cases will get mixed content warnings in their browser because many external elements such as added images by the members are hosted at third parties who don't support SSL.
motomac Posted April 1, 2015 Author Posted April 1, 2015 Two days ago IPS team has finally added correct paid SSL certificate to their chat server domains https://server05.ips-chat-service.com/. So I think, IP.Chat now should start working without any browser warnings on HTTPS. Can anybody try? My subscription has expired, and I'm not ready to buy IP.Chat paid plan untill be sure that it will work. Thanks
Joriz Posted April 5, 2015 Posted April 5, 2015 This requires changes to the code by IPB. All url's are currently hardcoded as http://
motomac Posted April 6, 2015 Author Posted April 6, 2015 Yes, but you can manually make changes in public/js/ips.chat.jsFind:iframe.writeAttribute( 'src', 'http://' + serverHost + serverPath + 'web/postMessage.php?parent=' + ourUrl );Replace withiframe.writeAttribute( 'src', 'https://' + serverHost + serverPath + 'web/postMessage.php?parent=' + ourUrl );Findiframe.writeAttribute( 'src', 'http://' + serverHost + serverPath + 'web/iframeProxy.php?parent=' + ourUrl );Replace withiframe.writeAttribute( 'src', 'https://' + serverHost + serverPath + 'web/iframeProxy.php?parent=' + ourUrl );Findelem.postMessage( message, 'http://' + serverHost );Replace withelem.postMessage( message, 'https://' + serverHost );Findelem.location = 'http://' + serverHost + serverPath + '/web/iframeProxy.php?parent=' + ourUrl + '#' + message + '×tamp=' + Math.round(new Date().getTime() / 1000);Replace withelem.location = 'https://' + serverHost + serverPath + '/web/iframeProxy.php?parent=' + ourUrl + '#' + message + '×tamp=' + Math.round(new Date().getTime() / 1000);As I remember, it was enough.
Joriz Posted April 6, 2015 Posted April 6, 2015 I tried this yesterday. It gave unsecure content error's in Chrome, so I think more changes on the IPS side are needed.
Management Lindy Posted April 9, 2015 Management Posted April 9, 2015 I tried this yesterday. It gave unsecure content error's in Chrome, so I think more changes on the IPS side are needed.If you're using IPS4, can you submit a ticket on this please so we can review? Thank you.
Joriz Posted April 9, 2015 Posted April 9, 2015 Nope. Sorry. still running a heavy modified 3.3.x.We will start do test upgrades to 4.x soon. But it will probably take multiple months before we actually have everything working in production on IPS4
Management Lindy Posted April 9, 2015 Management Posted April 9, 2015 We're only focusing on SSL'd chat for IPS4 currently. We'll explore IPB soon; I don't imagine it will be difficult, it's just not a priority at the moment.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.