If your site loads but the browser says "Not Secure" or shows a broken padlock, one of these is usually the cause.
1. SSL hasn't been issued yet (most common)
After pointing your domain to Hostiko, AutoSSL takes 5-10 minutes to detect the domain and request a Let's Encrypt certificate. Wait 15 minutes and reload. Still nothing? Force a re-check in DirectAdmin → SSL Certificates → "Run AutoSSL for User".
2. You're visiting via http:// not https://
Type the URL with https:// explicitly, or set up automatic redirect (next item).
3. Mixed content — some assets load via HTTP
The padlock has a yellow warning if your HTML loads images, scripts, or stylesheets over plain http://. Fix: replace those URLs with https:// or protocol-relative //example.com/. WordPress users can use the free "Really Simple SSL" plugin to auto-fix this.
4. Verify the cert with our tool
Run your domain through our free SSL checker to see the cert's issuer and expiry. If it shows a generic self-signed cert or "DEFAULT", AutoSSL hasn't completed yet.
5. Force HTTPS redirect
In DirectAdmin → SSL Certificates → enable "Force SSL with HTTPS redirect". Or add this to your .htaccess file:
RewriteEngine On
RewriteCond %{HTTPS} !on
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]Still stuck?
Open a support ticket with the domain name; our team will investigate within an hour during weekdays.