In order to protect your password and other sensitive information that go through the wire, SSL (aka https instead of http) is used on BMC Communities.
Some browsers display warnings from time to time.
Browser inconsistencies
Various browsers react differently with the SSL capability:
- Microsoft IE 8 and 9 (yep, not 7) actually display an "unsecure warning" if we then embed some specific content using https (strange, they should complain for http),
- Recently, a Google Chrome auto-update created some issues, since we now have this page has insecure content appearing (it actually now appears on many web sites, not only BMC Communities, so Google may tune this capability in their next refresh)
- Firefox rarely complains when http and https are mixed (details actually depend on versions you use)
Based on browser usage, we're always trying to find the best tradeoff to reduce impact of such browser behavior inconsistencies.
Things are actually more complex than what we would like them to be, see this post.
Current troublemakers
There are several items that we know create issues depending on the specific browser version you use, for example:
- Some external (but BMC-owned anyway) javascript magic, called from the pages here
- Embedded YouTube videos (like this one)
So what's next?
We are constantly tuning these SSL capabilities to minimize impact (and we'll update as we make progress)
In the meantime, you can trust what's coming from BMC Communities.
This warning only tells you that some data is not going to be encrypted over the wire, nothing big to worry about.
Do you have any tip to share on this topic?