Not secure website warning even after installing SSL certificate
After install the certificate SSL in a domain, but still, O SSL displays the unsecured website warning, showing the message as in the following image:
The reason for the message is called Mixed Content, which occurs when the website is loaded with a secure url HTTPS, but its content contains objects such as images, videos, css files, js, links to other sites…
That point to an unsecured connection HTTP, the browser interprets that the url is not secure due to data accessed with insecure urls even with the use of an SSL certificate.
Let's see how to fix it.
You will have to scan the entire domain looking for insecure “http://” urls, which cause the insecure site warning
1. Open the URL in question and in your browser, press the key F12 or with the direct mouse button, inspect element (depending on the browser used) then the option Security on the dashboard to check the security status.
- Resources – mixed content: – It means that there are links that point to unsafe urls i.e. mixed contents that lead to urls like: “http://” that need to be exchanged.
- Certificate – Valid and trusted: Means that the server certificate is valid and trustworthy;
- Connection – Secure (strong TLS 1.2): Means that the website connection is secure, and that it is encrypted and authenticated using a protocol like TLS 1.2, thus establishing a secure connection. Look here if your connection is secure.
Identifying the files
Look for the icon on the right side of the panel and when you click on it, all the links that are being loaded with the protocol will be listed. http://.
Once identified, simply adjust them by changing their URLs. http:// for https://. (Depending on the platform used, the processes can be very different).
Checking if it has been resolved
After the changes, go back to the browser panel, review the messages from before, they are now green, which means that the page is now secure (valid HTTPS).
- Resources – all served securely: smeans that all site resources now point to secure urls and are loading correctly.
Note: If error messages still occur, follow the same path again to identify whether there are still more errors. Also use the Ctrl + U keys and search for http:// in the source code screen. If found, replace it and check again.
Hugs, I hope I helped!