The error message stating that an SSL-encrypted website could not establish a secure connection can be confusing at first glance. Often, this error message is actually caused by so-called "mixed content." This article explains in detail what this means and how to resolve the error message or "mixed content."
1. What does "mixed content" mean?
The "Mixed content" error message means that when accessing a website secured with an SSL certificate (https), parts of it are being loaded over an unsecured connection (http).
As a result, the website is only partially encrypted, which can also pose a security issue.
Requests made via the HTTP protocol are more vulnerable to hacking attacks, which is why many browsers are increasingly blocking "mixed content" and no longer displaying it.
The security warning that appears in Firefox, for example, is completely omitted in some Chromium-based browsers—but the underlying problem still exists.
2. How do I fix the error message?
With the integrated developer tools of your browser or the developer console, as well as directly via the source code, you can find out which parts of your website are being loaded over an insecure connection.
In the settings of various browsers, you can find these tools, or in Chromium-based browsers, you can open them using the keyboard shortcut CTRL+SHIFT+I (Windows/Linux) or OPTION+COMMAND+I (Mac OS).
In these tools, there is a section called "Console" where all errors detected by the browser on the page are displayed—including content loaded via HTTP.
All of this content loaded via HTTP must be changed in your website's source code or in the underlying database to a secure HTTPS connection to resolve the error message and deliver the content securely.
3. Further links:
Activate Let's Encrypt certificate in the control panel
Activate Let's Encrypt certificate in Cloudpit