I have installed SSL but Web page is not secure

So, you have set up the SSL certificate, you wait for 30 minutes, 60 minutes, 2 hours and your website shows “Not secure”?

Not always the reason for not secure Web page is lack of SSL. There may be situations when SSL in a Website is installed but the Web page remains not secure.

We have created a sample website https://www.1seo.uk with this exact problem to make this support article more understandable.

See example:

Web page with installed SSL

        

What is it?

Non-secure links or resources can cause the page to be flagged as non-secure, even if it has an SSL certificate. Things you need to make sure are secure are: 

  • Images
  • Cascading style sheets (CSS)
  • Javascript

You can check to see if these things are secure by checking how they're linked in your code. Secure external links begin with https, while non-secure links begin with http. Local content that uses a relative path will automatically adopt SSL when it is installed on a domain.

Is it happening to me?

If none of the earlier possible reasons were the problem and you have images, CSS, or Javascript files, you should double-check their links. If you see that you have unsecured links, this is most likely the problem. 

How to fix

If you find any links that are http, you need to make them secure. 

To fix unsecured links, you need to make sure that your HTML code either calls locally hosted elements via a relative path, such as:

/images.logo.png

/includes/script.js

Or, if they're called by their absolute path, you need to be sure the link includes the https.

https://mydomain.com/images/logo.png

https://mydomain.com/includes/script.js

Likewise, if you are using a CDN for resources on your website, you should check the CDN and make sure it is operating over SSL.

How to find not secure reasons for a Web page?

We  recommend to test your website with www.whynopadlock.com

See example below:

www.whynopadlock.com/

Test results show us that SSL is installed correctly but some Web page objects are not secure.

See the test results yourself: here.

----

Are you a WordPress user?

We reccomend plugin "WordPress Force HTTPS" by A. Kai Armstrong:

Wordpress plugin "WordPress Force HTTPS" by A. Kai Armstrong

  • ssl, ssl certificates, not secure
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

SSL certificates

SSL (Secure Socket Layer) certificates encrypt data between the server and the viewer, this is...

Can I point an A record to a stackcp package and get the free SSL certificate?

No. To be able to apply the free SSL certificates your site(s) need to use the Hostmaria Cloud...

Why do I get an ERR_SSL_UNRECOGNIZED-NAME-ALERT error?

If you're trying to access the temporary URL (i.e. example-co-uk.staging.com) you may get an...

Can I use the free SSL certificate if I have Virtual Nameservers?

Yes. If you have bought the Virtual Nameservers product you can still use the free SSL...

Can I use the free SSL if my site doesn’t use the Cloud hosting nameservers?

No, sorry. To be able to apply the free SSL certificates your site(s) need to use our Cloud...