No padlock or insecure message or mixed content warnings after installing SSL Certificate

If you receive a "website is insecure" type message or the browser padlock is missing after installing an SSL certificate then please see below.

This can occur when you have mixed content of HTTP and HTTPS referenced items. 

Mixed content occurs when a webpage containing a combination of both secure (HTTPS) and non-secure (HTTP) content is delivered over SSL to the browser.

To fix this you would need to be able to identify the non secure content within the code of the site and ensure all referenced items are being called over HTTPS.

Most common day browsers like Google Chrome and Mozilla Firefox have an ability to look at the code in a developer stance meaning its like a debugger console built into the browser.

In Google Chrome you would right click on the page that is displaying the warning and select "Inspect." 
On Mozilla Firefox same idea but they call it "Inspect Element." 
Look for any "Mixed Content" warnings or items being referenced with plain HTTP and not HTTPS. 
You can then edit the code in your pages to ensure those items are changed to call via HTTPS.

If you are using Wordpress also make sure that you install a "Force SSL" plugin to automatically make all pages SSL secured.

An in depth guide to this subject is given over at Google's developers guides:
https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content

  • padlock, mixed content, insecure, ssl
  • 2535 کاربر این را مفید یافتند
آیا این پاسخ به شما کمک کرد؟

مقالات مربوطه

How to enable a free SSL certificate (Lets Encrypt)

All accounts come with a free SSL Certificate if you want to use it. To setup your free...

How to force SSL (HTTPS) on your website

You can force all visitors to your site to be using HTTPS by adding the below code to the...

How to restore your own PFX file

To restore your own PFX certificate file to your website please do the following: Login to...

Lets Encrypt not installing or renewing - Umbraco Specific

Our control panel uses HTTP authorisation to get your certificate issued by LetsEncrypts remote...

Worldpay Callback not working with SNI

Worldpay do not support SNI which causes issues for clients that use SSL without a dedicated IP...