It would be very helpful to see the full URL bar in your screen shot, but the first part of it is blocked by a little hover popup.

Also, this isn't an SSL issue. It seems you are not using https and that is what your browser is telling you. It is not telling you about an expired SSL cert, invalid SSL cert, mismatched SSL cert etc.

If you are starting out on the https site and then being redirected at some point to http, it would help to know where that redirect happens. Perhaps you followed a link that another member posted and it steered you away from https. Or perhaps there is a hardcoded instead of relative link on one of the nav buttons somewhere.

I do not worry about https here. There is no reason whatsoever for me to need anything encrypted in transport between myself and calguns.net. This isn't Morgan Stanley or the IRS I'm exchanging info with. All posts are public, and even private messages are stored in a database that is far more likely to be compromised at rest than your communications are in transport. As for the password, if you use your Calguns password anywhere else that does actually have your private or financial info stored - well there is no helping you anywhere online, using any technology.

Also, youtube embeds dont work if you use https to browse calguns, and you also cant use https links to give itrader feedback, along with other weirdness that makes the 'feels good' aspect of https not worth the effort here, especially since there is not much for the average forum user to protect anyhow.

The SSL certificate is fine. Newer browsers are more restrictive and complain about 2 things. 1) Some contents on the page such as images are not encrypted. 2) The certificate is not using Extended Validation feature.

weird, now it is allowing https://.... earlier i was typing in https:// and it was redirecting to http://

i think it i might be the ads lazyworm's right.

Same here... not showing the lock or https

Reloaded directly as https and it's still not showing as secure.

The docroot for port 443 is simply a redirect to port 80:

As far as loading https://www.calguns.net/calgunforum/ directly, if you grep the the actual delivered web doc, you will locate tons of http:// assets. If you have embedded http:// assets on an https:// served page, it is going to result in an insecure warning because of mixed http and https.

Extended Validation (EV) certs are not required for a secured bar. I have a standard non-EV cert.



EV certs will show the company name in the bar or some other indicator that is EV.



It is going to be quite difficult for calguns to be fully ssl, especially if it allows hotlinking, because people will hotlink to non-ssl images or assets, just like I did above with imgur.