Piwik and SSL

I’ve installed Piwik on my sever as an SSL enabled server

https://piwik.mydomain.org

I’m using it to monitor several websites at different subdomains, both secure and unsecure

https://one.mydomain.org/
http://two.mydomain.org/
etc ..

.

The tracking tag generated by Piwik for the SSL sites contains both “http” and “https” links. Like so:

<!-- Piwik -->
<script type="text/javascript">
var pkBaseURL = (("https:" == document.location.protocol) ? "https://piwik.mydomain.org/" : "http://piwik.mydomain.org/");
document.write(unescape("%3Cscript src='" + pkBaseURL + "piwik.js' type='text/javascript'%3E%3C/script%3E"));
</script><script type="text/javascript">
try {
var piwikTracker = Piwik.getTracker(pkBaseURL + "piwik.php", 1);
piwikTracker.trackPageView();
piwikTracker.enableLinkTracking();
} catch( err ) {}
</script><noscript><p><img src="http://piwik.mydomain.org/piwik.php?idsite=1" style="border:0" alt=""/></p></noscript>
<!-- End Piwik Tag -->

If possible, I would like all links to be “https”, because any non-secure link throws browser warnings about non-secure content in a secure page. Can I just hand edit the tag to be all SSL without breaking anything?

yes

short and to the point I guess style_emoticons/<#EMO_DIR#>/wink.gif. Thanks!

You’re welcome. Although, technically, you answered your own question. style_emoticons/<#EMO_DIR#>/wink.gif

my question is: why is there a warning in the first place? Piwik should detect when a page is https and load the https piwik. Theoretically there should not be a warning in the browser… or is there a bug?

I am currently facing the same issue. The error catcher in the Piwik code throws "RefferenceError: Piwik is not defined"
Works fine if I use http.

I add some code to trace the url Piwik was using. It is using the correct https url… but still seems to not find a defined Piwik.

Hi there,

I have just installed my first SSL certificate on viand.net so that i can sell an ebook.

Viand.net is one of several websites tracked by a piwik installation on amorystarr.com
amorystarr.com has no need for SSL as not selling anything or doing anything else secure.
when i use http://www.whynopadlock.com/check.php
I get this error:
Secure calls made to other websites:
amorystarr.com SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details:
ERROR: no certificate subject alternative name matches

The only link at viand.net to amorystarr.com is from piwik. I have modified the piwik tracker code in viand.net to ensure that every instance of http is changed to https, but i’m still getting the same problem.

Also, is it possible to change the second and third instances of “http://” to “//” in the tracking code below so that i don’t force secure loading on pages that don’t need it. (only one page of viand.net needs to be secure.)

Thank you!!!

violet

You’re facing the same issue I had when I created a Piwik installation to track eCommerce hits… Short answer is that you need to do one of two things.

Either:
a) move your piwik installation across to the amorystarr site
…or…
b) register and install a SSL Cert for amorystarr as well.

I went with the latter option myself…