Fixing SSL errors within wordpress

Question

I've recently done my first wordpress site that is using an SSL license. I've noticed it comes up as secure but with errors. In the details it says the following.

Your connection to www.kluemperinsurance.com is encrypted with obsolete cryptography. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page.

The connection uses TLS 1.0.

The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and DHE_RSA as the key exchange mechanism.

I'm not familiar with any of this so I went to an SSL error checking site to find out what is causing the errors and every page comes up with this.

Pages with unsecure content: https://www.kluemperinsurance.com/ ? http://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js http://feedburner.google.com/fb/a/mailverify

I've tried to figure out how to fix these two issues but I haven't had any luck so far. I'm not using a feedburner of any kind that I am aware of. No plugins being used either. For the webfont issue I followed the instructions from this link and it did not seem to help.

Am I at least on the right track here? What do you suggest I look for instead? Do you know how to fix it?

Answer 1

You have http links on a site which is being served as https. Change any links such as http://ajax.googleapis.com/ajax/libs/webfont/1.4.7/webfont.js to their secure version if available. Normally this will simply be changing http:// to https:// or // but you will need to check if your third party providers support secure urls, and if so what they are (some might use the hostname ssl instead of www for example).