I have inherited an ASP.Internet site which has an SSL certificate bought via GoDaddy.

However , the certificate appears to become invalid due to some "mixed content/assets" (I believe that's how its known as) originating from http sites.

Chrome is showing the red-colored mix within the lock alongside https, meaning it's unsecured. The advertisements popping states the next:

alt text

Click in "Exactly what do these mean?" goes here which states:

The [entered-lock] icon seems when Google Chrome picks up high-risk mixed content, for example JavaScript, around the page or once the site presents an invalid certificate.

The certificate is correct and valid because I attempted developing a blank "Hi world" .aspx page and it is showing the eco-friendly lock without any problems.

Reading through a bit, I discovered which i should only include images and javascript originating from https sites. The only real factor it had originating from http was the addthis widget, but they support https, and so i transformed to https, but it is still saying that's unsecured.

I have looked for other things originating from http within the source, but did not find anything.

Can there be a way (site, chrome extension, opera extension, whatever) which will show exactly what are assets which are "unsecured"?

I have never worked with SSL/HTTPS certificates, but I have to fix this problem as soon as possible.

Are you currently on Home windows? Download and run Fiddler while browsing the website, watching for HTTP connections.

I have found the issue while using Chrome Developer Tools. It had been a js that's embedding a expensive from an third party site which it's using http.