Step 1: Confirm that your website is indeed using a valid SSL Certificate. To determine the status of your SSL certificate, click on the information icon that appears where the padlock should be in your browser’s address bar. Then select Certificate (Valid).
There are some hosting providers that have a built-in feature for SSL certificates. OneHourSiteFix provides it as part of the Fix and Protect plan completely free and it will remain indefinitely active as long as your website is secure behind our firewall.
Step 2: Change website URLs from HTTP to HTTPS
If you are still dealing with mixed content after installing an authentic SSL certificate, chances are the website has not been set up properly for HTTPS encryption. Some WordPress sites for example within the backend have the option to adjust this part (almost automatically). Therefore, you need to set up a rule to serve all URLs as HTTPS.
Step 3: Add a rule to redirect HTTP to HTTPS
Another problem that may be causing this issue is if you don’t implement 301 Redirects to automatically send visitors to the secure version of your pages. Thus you need to for example add a rule in the .htaccess file to redirect all HTTP URLs to HTTPS.
Step 4: Do a search and replace manually all links within the content.
Depending on the setup the first three steps described here will not suffice and you will have to manually detect all the URLs on your site i.e. its content that is still being served as HTTP. There are plugins out there that can help you or do it yourself via PHPMyAdmin.
Once done, please reload the website using a cleared browser and it should start loading HTTPS without mixed content.