New SSL not working not sure why

My previous SSL has expired and I’ve added Cloudfare and my account says the SSL is active but my website: is displaying the ‘not secure’ message. Is there something else I need to do? As I’m desperate to resolve, I have paid for a secure SSL and this is also in place but still no luck with getting my website secure and scaring off my customers. Have cleared cache.
Please help!
Many thanks

You have mixed content on your site (mixing HTTP with HTTPS) and browsers are not too fond of that.

Just search the forum here for it and you should find plenty of answers. Its a common issue with Wordpress.

Thanks Sandro, I think there is also an issue with the new SSL though?

Not as far as I can tell. Only the inclusion of HTTP resources raises the warnings. The certificate itself looks alright. Why would you think so, respectively could you post a screenshot of the issue if you really think so?

Hmm thanks Sandro
I have initiated this within the cloudfare panel

Always use HTTPS

Redirect all requests with scheme “http” to “https”. This applies to all http requests to the zone

Do you think that will help with the issue you see?

It might, but no guarantees. Please check out the respective disclaimer under that feature.

It would be best if you could configure your server / Wordpress instance not to respond with such a mixture in the first place. If that is not possible for some reason you could try Cloudflare’s rewriting, but again no guarantees :slight_smile:

thanks Sandro, I’m not sure how to configure it to not show the mixture, I haven’t had an issue before, my previous SSL worked fine, I just changed to cloudfare last night and now having issues :frowning:

Did you have TLS/SSL enabled before switching to Cloudflare? Whats your TLS/SSL mode on Cloudflare? Flexible or one of the Fulls?

it is on full, should it be flexible? The error I am seeing about the page being not secure is that the SSL is not valid (ie past one expired, which was due to expire today)

No, no, Full is alright. But in that case I wouldnt expect it to have worked earlier either. As for the validity, the certificate I get was issued today. While that should be rolled out to all edges there have been such issues before. So if you are sure you are going via Cloudflare and get an expired certificate you could open a support ticket at their “support” email address and they would look into that.

As for the mixed content, thats something you’d need to fix on the Wordpress side. You could try the Always Use feature of Cloudflare but no guarantees :slight_smile:

thanks sandro, do you know what the support email address is?
(my previous cert wasn’t with cloudfare) thanks

See above please in quotes

ah i see thanks :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.