Valid certificate but Google has 'i', not fully secure?


#1

I’m using certbot --apache for a several domains and when I original setup the first batch I would do them in groups using the 1,2,3 etc. for the “Which names would you like to activate HTTPS for?” Everything has been going well, but I have one that shows the lower case ‘i’ icon in Chrome, but that same domain-certificate is used for several and they look ok.

Then I tried to replace the certificate that was “not fully secure”, I wonder if I made bigger mess. I think I tried to a2dissite on both the -le-ssl.conf and the regular .conf, then rm’d the -le-ssl and redo the certifcate over with certbot --apache.

This is the domain with the ‘not fully secure’ message:
https://aksurgery.com/

Here are some that are on or using the same original certificate, that look good in Chrome, they show the green padlock with the “Secure”.
https://alaskaspinecenter.com/
https://arcadiasurgerycenter.com/
https://alliancelakemary.com/

What’s the best practice for ‘re-doing’ a certificate when I see something like the “not fully secure” message?

What’s the best practice for ‘fixing’ the exiting domain/cert that has that message, anything I can do without redoing it?

Thanks,
Dave


#2

www.whynopadlock.com


#3

Full tests

https://www.whynopadlock.com/results/56d66eca-e72f-4fbe-9214-f831f723bc53

You have a http mixed content error.

Please try to fix it… So you’ll have a ‘secure’ padlock.

Thank you


#4

You guys are the best!!! I’d check both as the correct answer.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.