HTTPS (Hypertext Transfer Protocol Secure) displaying on the left-most side of your website URL is the indicator that your website is safe to use. This is an encrypted extension of the Hypertext Transfer Protocol.
Google Chrome has recently implemented to show a warning signal before accessing a website URL without HTTPS to ensure the safety of the website visitors. That is why, as a website owner, it is important to make your website secure by installing an SSL certificate to your website. But sometimes, purchasing the SSL Certificate does not automatically redirect your website to HTTPS.
Here are the possible reasons why HTTPS is not showing on your website:
1. SSL is not installed correctly on the web hosting server.
The SSL certificate should be installed correctly on the server where your website is hosted. This can be checked on Why No Padlock and should show the same result in the screenshot below. If the result in this section shows an error, reinstall the SSL certificate correctly or contact your web host.
2. Website URL not configured to HTTPS.
Purchasing and installing the SSL certificate does not automatically change your website URL from HTTP to HTTPS. Update your website URL to HTTPS via phpMyAdmin, your website configuration, or in .htaccess file. If Why No Padlock is showing that the Force HTTPS is not configured, click the More Info link to see the instructions on how to update your .htaccess file.
3. SSL certificate has expired.
Starting September 2020, browsers no longer accept SSL certificates that are valid for more than a year. An expired certificate is as good as no SSL certificate. Request a replacement of new certificate from your SSL provider 3 weeks prior to the expiration of your current SSL certificate. Why No Padlock results also provide the expiration of your SSL certificate as shown in the screenshot below.
4. Mixed content.
Mixed content happens when the whole website is redirected to HTTPS but some of the website contents like images and videos, still run under HTTP. The HTTP codes on the website need to be updated to HTTPS by the web developer. Why No Padlock also gives specific file paths for the contents that caused such error. See the screenshot below on how the result looks like.
5. Domain Name Mismatch
This usually happens when you recently changed the domain name of your website. The existing SSL certificate should be reissued to the new domain name and then should be reinstalled on the web hosting server. Why No Padlock gives domain mismatch result as shown in the screenshot below.