So, you have set up the SSL certificate, you wait for 30 minutes, 60 minutes, 2 hours and your website shows “Not secure”?
Not always the reason for not secure Web page is lack of SSL. There may be situations when SSL in a Website is installed but the Web page remains not secure.
We have created a sample website https://www.1seo.uk with this exact problem to make this support article more understandable.
What is it?
Non-secure links or resources can cause the page to be flagged as non-secure, even if it has an SSL certificate. Things you need to make sure are secure are:
- Cascading style sheets (CSS)
You can check to see if these things are secure by checking how they're linked in your code. Secure external links begin with https, while non-secure links begin with http. Local content that uses a relative path will automatically adopt SSL when it is installed on a domain.
Is it happening to me?
How to fix
If you find any links that are http, you need to make them secure.
To fix unsecured links, you need to make sure that your HTML code either calls locally hosted elements via a relative path, such as:
Or, if they're called by their absolute path, you need to be sure the link includes the https.
Likewise, if you are using a CDN for resources on your website, you should check the CDN and make sure it is operating over SSL.
How to find not secure reasons for a Web page?
We recommend to test your website with www.whynopadlock.com
See example below:
Test results show us that SSL is installed correctly but some Web page objects are not secure.
See the test results yourself: here.
Are you a WordPress user?
We reccomend plugin "WordPress Force HTTPS" by A. Kai Armstrong: