My site loads on HTTP but not HTTPS. What is wrong?

Either the certificate is missing, expired, or invalid for that hostname - or your web server is not listening on port 443. Check the certificate first, then the server config.

HTTPS works on desktop but not mobile. Why?

Almost always a missing intermediate certificate. Desktop browsers cache common intermediates from past sites. Mobile browsers do not, so they fail. Re-install the full certificate chain on the server.

Will switching to HTTPS hurt my SEO?

No - Google prefers HTTPS. Just set up 301 redirects from HTTP to HTTPS and update internal links so you do not split traffic between two versions.

HTTPS Not Working? A Plain-English Troubleshooting Guide

Your site loads on http:// but not https://. Or HTTPS used to work and just broke. Or it works for you but not for users. This guide walks you through the most common causes, in order of how often they happen.

Why HTTPS feels fragile

HTTPS is like a sealed envelope delivery service. The post office only accepts the envelope if every step is correct - the right stamp, the right address, the seal unbroken. Miss one detail and the whole package is rejected.

The diagnostic order

Work through this list top to bottom. Stop at the first one that matches.

1. The certificate expired

Run a quick check on your domain. If the certificate is past its end date, this is your problem. Renew and reinstall.

2. The certificate is for the wrong hostname

Visit https://yoursite.com and https://www.yoursite.com in two tabs. If one works and the other does not, your certificate only covers one variant. Reissue with both names listed.

3. The intermediate certificate is missing

Classic “works on my machine” story. The site loads on your desktop but fails on mobile or a fresh laptop.

Why? Browsers need a chain of trust: leaf → intermediate → root. Some servers only send the leaf. Desktop browsers might have the intermediate cached from another site, so they still work. Mobile browsers do not cache. They fail.

Fix: install the full chain on your server, not just the leaf certificate.

4. The server is not listening on port 443

HTTP runs on port 80. HTTPS runs on port 443. If port 443 is closed at the firewall, or your web server is not configured to accept HTTPS traffic, browsers just see “connection refused.” Check your server config and firewall rules.

5. Mixed content

The page loads on HTTPS, but inside it pulls images or scripts from http:// URLs. Modern browsers block the insecure pieces. Find the offending URLs (browser console will tell you), and switch them to https://.

6. HSTS is too aggressive

HSTS tells browsers “only ever use HTTPS for this site, for the next year.” Useful - until something breaks and the browser refuses to fall back. If you set HSTS while still testing, you can lock yourself out. Lower max-age while debugging.

One scan, one answer

Manual checks take time. A free scanner pulls everything in one shot - certificate, chain, hostname match, supported protocols, weak ciphers. Scan your domain free and you will have your answer in under a minute.

After the fix: prevention

Once HTTPS works, keep it working. Schedule scans so you find issues before customers do - expired certificates, weak ciphers, broken chains. Quiet monitoring beats loud emergencies every time.