OK... This is the same store as other tickets, so you have user/pass, ftp in my history.
First alert came from a customer: His message:
"Comments: I have made several attempts to order. After I log in and add my selections to my cart, I always get an error message of an invalid certificate and problem with the site. Can you provide some assitance/direction in placing my order."
Second alert came from my client, via the phone answering service (they take orders by phone on weekends, during night, but enter into the cart; this has been some custom work to make this possible; see history from about 2 years ago):
"Apparently, there were a lot of customers that had this problem over the weekend. Does this error message mean anything to you? The answering service took about 10 orders by hand because the customers all said they were having the same problem over the weekend."
I ran tests, couldn't see the issue.
I asked one of the staff personnel to run tests, using as a "guest", as a logged in customer, etc. His report:
"I did about 12 tests:
First 3 I put the item in my cart first then logged in then paid--all went through ok:
1. As a guest
2. My account
3. With a new account
Then I logged in first then added the test product to the cart then hit checkout and I got the message about the certificate all three times. I couldn't get through to the checkout page.
Then I deleted all the cookies and tried again logging in first, then filling the cart and I never got the message. Repeated it again all 3 ways and still didn't get the message.
Deleting the cookies helped, but did this ever happen before where 10 customers have had it happen?"
Follow up message from staff:
"When I got the message it was when I clicked "checkout". I couldn't even get to the page to make any type of payment. Now that I deleted cookies I can't get the error message no matter what I do."
Follow up message from the phone answering service:
"Second, we are getting the “Website Security Certificate” warning. This is a Microsoft warning because it’s not recognizing your site’s security certificate. Have you checked with your Website programmer to make sure your certificate is current? Because this warning isn’t anything coming from our end."
I tried all methods and didn't get the problem.
More background: This domain doesn't have its own secure certificate. We had tried that and it caused more problems, and at Ray's suggestion, we deleted it. There was a setting Ray referenced at the time. This was early December of last year, if I recall.
The server does have a certificate. All of my domains are on my server, and a few use the certificate, or did in past carts. The certificate is registered to secure.biz-comm.com.
I don't know what else to share. It is not a consistent issue, but it is happening. The staff tester is on a Mac. I'm on a Mac. I imagine that the phone answering folks are on PCs.
There isn't a certificate assigned to the domain. In history, you'll see that there are two domains involved in this: the original and an alias. If you enter a https:// you will see that it gives invalid, but if you open to full message you will see a correct secure.biz reference.
Any ideas most appreciated. If we can find out what is pulling in the https, that should clear this up.