Even if this topic (Latest Ubuntu Chrome shows it insecure and inspect/security tells “Active content with certificate errors”) has been mentioned and closed earlier with repeated reminders to clear the browser state I am compelled to mention it again, and here is why.
I have a carefully crafted letsencrypt cert with server settings that shows all-green on the advanced Qualys report https://www.ssllabs.com/ssltest/analyze.html?d=yourdomain.tld and have adjusted my zone file to all needed options, the cipher-suite to match the requirements, and even cleansed my wp-theme from all URLs with “http” I’m still persistently getting this error (and as a result browser showing the site red-unsecure) on Chrome (but not on latest Chromium).
It is still probably a simple config on my side, but this eluding me I was wondering what other things I should check. Especially since advanced site scanners not seeing the reason and browser inspect not having a more verbose diagnostics on this it is annoying to hunt this one down.
deployyour.app (work in progress) - top row says “! Not Secure” in red and inspect->security tells
Resources - active content with certificate errors
You have recently allowed content loaded with certificate errors (such as scripts or iframes) to run on this site.
I am suspecting the fancy wp module content has some minified js libraries which may still be unclean (e.g. a hidden iframe) but not been able to grep by now.
Thanks - your info surely helped to fix the issue.
Observations:
my version of Chrome does not out-of-box show the non-secure origins (maybe I need to turn on a flag?) but once you know this as a possible issue, view-source helps in hunting the culprit down.
an accidentally network-enabled plugin not supporting wp-multi can cause cross-referring.
Purely relying on WP-Encrypt may not be the final word on using your excellent certbot on multi-tenant wp-setups.
There is room for a more end-to-end security scan to identify these types of issues including telling which wp-plugin or js library causes it especially when many plugins and other resources are being used.