I have uploaded SSL certificates onto my server, configured them and enabled in Magento admin panel. The backend works perfectly, the HTTPS adress is there and the lock is displayed.
However in the frontend it does not. The HTTPS works, but there is no lock, and when clicking on the information icon I get message “Your connection is not fully secure” but there is a certificate there and you can see it’s identical to the one in the backend (which is a good thing right? since I only got one certificate for the domain).
Here is a screenshot of my Web settings in admin panel:
So there are a few "http://’ links, those are links from the template as well as few links I myself put on the front page before I installed ssl. Other than that all the links are “https://” including the ones like “base url” and such. So are those link causing that problem? Because the security tab show this:
Resources - mixed content
This page includes HTTP resources.
Reload the page to record requests for HTTP resources.
Exactly. You need to dig out the “http://” references and either delete the prefix or replace with “https://”. This will fix the issue.
I think it’s considered bad practice to prefix a src URL with “http://” because it causes more issues than not. So you either “force” an SSL connection with:
<img src="https://example.com/example.jpg">
Or let the web browser decide by not adding any prefix (this is what I do because it’s interchangeable and therefore compatible whether viewing in SSL or none-SSL):