Why is my Shopify store showing “Not secure” and how do I fix HTTPS?

What does “Not Secure” mean in Shopify?

When your Shopify store shows Not Secure in the browser address bar, it means your website is not currently protected with an active SSL certificate. This happens when your site is loading over http:// instead of https://. Without HTTPS, any data entered on your store (login, contact forms, checkout details) is not encrypted.

Why your Shopify store shows “Not Secure”

• Your domain is not fully connected to Shopify
• SSL certificate is still pending
• Incorrect DNS records at your domain provider
• Your store is loading mixed content (HTTP images, scripts, or files)
• You are accessing the store using the old http:// link

Why HTTPS is important

• Protects customer data and payments
• Builds trust with visitors
• Improves Google ranking
• Prevents browsers from blocking your site

How to fix “Not Secure” and enable HTTPS in Shopify

1. From Shopify admin, go to Settings > Domains.
2. Make sure your domain shows as Connected and Secure.
3. Set your custom domain as Primary domain.
4. Log in to your domain provider and check DNS:
   • A record must point to Shopify
   • CNAME record must point to Shopify
   • Remove unnecessary AAAA records
5. Remove mixed content:
   • Update all images, scripts, and links to use HTTPS
6. Wait 24–48 hours for SSL activation if recently updated.

How to force HTTPS for your store

1. Go to Settings > Domains.
2. Enable redirect so all HTTP traffic goes to HTTPS.
3. Set your custom domain as your primary domain.

How to confirm your store is secure

Open your store using https://yourdomain.com. You should see a padlock icon and your domain marked as Secure.

Final note

Shopify provides free SSL for all stores. Once your domain and DNS are correctly configured, HTTPS becomes active automatically and your store will no longer show Not Secure.