Issued certificate but URL box displays "Not Secure"



I really don’t know enough about this at all so asking for help! Thanks in advance for any help with this.

I inherited this site from a friend and see that there is an SSL good foor another ~80 days issued through Let’s Encrypt and I’m trying to figure out why the URL box doesn’t display as secure in all situations. In most cases when I visit the site, the URL box reads “Not Secure” before displaying the URL

Can you help with this?


Hi @GregH

you have an interesting configuration ( ):

There are 4 ip addresses:

Host T IP-Address is auth. ∑ Queries ∑ Timeout A yes 1 0
A yes 1 0
A yes 1 0
A yes 1 0
AAAA yes C yes 1 0
A yes
A yes
A yes
A yes

All have the same content. But you have only redirects non-www -> www:

Domainname Http-Status redirect Sec. G 301 0.350 D 301 0.293 D 301 0.340 D 301 0.294 D 200 0.440 H 200 0.407 H 200 0.430 H 200 0.453 H 301 6.693 B 301 6.507 B 301 6.800 B 301 6.503 B 200 6.593 B 200 6.770 B 200 6.987 B 200 6.693 B

So you have 8 https connections, but all use two certificates:
expires in 80 days - 1 entry
expires in 80 days - 1 entry

and all https connections are secure.

So there is no wrong certificate, no insecure connection found. But if you don’t have a redirect, then http + www isn’t redirected -> this is unsecure.

So add redirects in the correct order:

  • First redirect http + non-www -> https + non-www and http + www -> https + www.
  • Then select one preferred version and redirect from your not-preferred version to your preferred version.

PS: You have small mixed content warnings.


This is inconsistent, if you use https, you don’t want a http as canonical. But browsers doesn’t show this as mixed content (they should, but this is another story).


wow this is incredibly helpful. Although I do understand the basics of what you’re saying, this really isn’t my area of expertise. I’m confused (because of my limited experience) in terms of how I would actually go about changing and implementing those redirects. You described it well I just don’t know what I’m doing. Is there any way that I could hire you to fix the redirect and canonical errors? Thank you for reading


You have already a working redirect http + non-www -> http + www.

Find this redirect (in your VirtualHost with port 80) and change it to

http + non-www -> https + non-www

(Add the s and remove the www. ).

Then add an analogous redirect in your

http + www - VirtualHost

http + www -> https + www

this is only a s.


Who created the current redirections?

What do those redirections look like?


Thanks all! Really appreciate the help! It’s all set

closed #7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.