My website still showing Not Secure

melwin · April 22, 2017, 5:17pm

Please fill out the fields below so we can help you better.

My domain is: estoreproj.xyz

I ran this command: Lets Encrypt on Plesk

It produced this output: Lets Encrypt Certificate successfully installed on estoreproj.xyz

My operating system is (include version):Windows 8.1 64 bit

My web server is (include version): Not Sure

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): I Don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):Plesk

Hi,

My website is hosted by Plesk.I ran Let’s Encrypt Application on plesk,and entered my mail and hit the submit button.
After few seconds got a message on top saying Let’s Encrypt Certificate Installed On estoreproj.xyz.

I went to hosting settings and changes the Use SSl to Let’s Encrypt SSL.

But my website shows Not Secure even after installing SSL.Am i doing something wrong?Please let me know.

Osiris · April 22, 2017, 5:28pm

The certificate is properly installed: https://dev.ssllabs.com/ssltest/analyze.html?d=estoreproj.xyz&hideResults=on (although it’s lacking on some security issues…)

The page itself doesn’t do anything on my mobile phone, but can it be it loads data from a non-secure location?

sahsanu · April 22, 2017, 5:30pm

Hi @melwin,

Your Let’s Encrypt certificate is OK, the problem with your site is the mixed content. When you set a site to use SSL, all the contents, urls to load js, images, etc. should have https links instead of http.

For example, your site try to load this content:

http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
http://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.2/modernizr.js
http://fonts.googleapis.com/css?family=Londrina+Solid|Coda+Caption:800|Open+Sans
http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
http://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

You should modify the links to use https instead of http.

Cheers,
sahsanu

Lavabird · April 22, 2017, 5:32pm

Maybe restart your web server? I know that when I renewed my cert, I had to restart NGINX for it to be detected correctly.

ahaw021 · April 22, 2017, 10:58pm

further to this you can use this site to identify insecure content

https://www.whynopadlock.com/

Osiris · April 23, 2017, 10:10am

Have tried it? WhyNoPadLock says everything is OK…

system · May 23, 2017, 10:10am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to run Let's Encrypt Help	5	1657	June 16, 2017
Time taken for site to go 'secure'? Help	8	1428	April 2, 2017
Certificate installed on my plesk hosting but appears bugged Help	3	568	June 7, 2019
Help with Let's Encrypt and web hosters Help	7	3673	June 16, 2019
LetsEncrypt Certificate never stabile Help	7	844	June 2, 2019

My website still showing Not Secure

Related topics