Why does my site show a mixed-content warning on firefox (with an SSL certificate) even though there is no http content in the source code?

This is my site: https://www.missionfamily.org
If you open it in firefox (chrome = ok) you will see in the address bar the green SSL certificate confirmation and at the left of it, a half-white half-grey shield which indicates mixed content. I don't understand it! I have looked at the source code of the page and searched for the string "http:" but I can't find anything anymore. I can't understand where the problem is and how to fix it.

Please help.

thanks in advance
badwolfffAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tom BeckCommented:
Not a solution really but some observations.

The error from the javascript shows this:

Blocked loading mixed active content "http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,400,300,600"

You have this in the head of the page:

<link href="https://fonts.googleapis.com/css?family=Open+Sans:400,400i,300,700" rel="stylesheet" type="text/css" />

And this further down.

<link media="all" type="text/css" href="https://fonts.googleapis.com/css?family=Open+Sans:400,700" id="et_monarch-open-sans-css" rel="stylesheet">

So far, not a problem except that there's no need to load them twice.

You should start looking in your functions.php file or in your plug-ins files for some script that is loading the Open Sans fonts without "https:".

Also read this article.

I'm also seeing some serious structural problems in the source code.

You have markup for the email capture form INSIDE the head section of the page. Not good.
You have a javascript block BETWEEN the </head> and <body> tags.
You have another script block AFTER the closing </body></html> tags followed by another set of </body></html> tags
You have many instances of orphaned tags and/or improperly nested tags throughout the page.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
badwolfffAuthor Commented:
Thanks for the suggestions. I am looking into them.
As per the link you suggest, the site is in opencart and not wordpress.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.