SSL Certificate Errors on Base44 Published App
Your published Base44 app shows SSL certificate warnings in the browser. Users see "Not Secure" in the address bar, a certificate error page they must click through, or mixed content warnings where some resources load over HTTP instead of HTTPS.
SSL issues erode user trust and can prevent some browsers from loading the app at all. Modern browsers increasingly block mixed content and show prominent warnings for certificate issues, making this a critical problem for any production app.
The issue may affect only your custom domain while the default Base44 URL works fine with SSL, or it may manifest as intermittent certificate errors that come and go.
Error Messages You Might See
Common Causes
- The SSL certificate for a custom domain has not been provisioned or has expired
- Mixed content: some images, scripts, or API calls use HTTP instead of HTTPS
- The app references hardcoded HTTP URLs in custom code or embedded content
- DNS changes disrupted the SSL certificate renewal process
How to Fix It
If using a custom domain, check whether the SSL certificate has been provisioned by visiting the domain and inspecting the certificate in your browser. If it hasn't been provisioned, re-verify your DNS settings and trigger a re-provisioning if Base44 offers that option.
For mixed content warnings, search your app's custom code and component settings for any http:// URLs and change them to https://. Embedded iframes, images, and external scripts are common culprits.
Persistent SSL issues, especially on custom domains, may require developer intervention to properly configure the certificate chain and ensure all resources are served securely.
Real developers can help you.
Bastien Labelle
Full stack dev w/ 20+ years of experience
Pratik
SWE with 15+ years of experience building and maintaining web apps and extensive BE infrastructure
Simon A.
I'm a backend developer building APIs, emulators, and interactive game systems. Professionally, I've developed Java/Spring reporting solutions, managed relational and NoSQL databases, and implemented CI/CD workflows.
Antriksh Narang
5 years+ Experienced Dev (Specially in Web Development), can help in python, javascript, react, next.js and full stack web dev technologies.
Taufan
I’m a product-focused engineer and tech leader who builds scalable systems and turns ideas into production-ready platforms.
Over the past years, I’ve worked across startups and fast-moving teams, leading backend architecture, improving system reliability, and shipping products used by thousands of users. My strength is not just writing code — but connecting product vision, technical execution, and business impact.
Costea Adrian
Embedded Engineer specilizing in perception systems. Latest project was a adas camera calibration system.
MFox
Full-stack professional senior engineer (15+years). Extensive experience in software development, qa, and IP networking.
Matthew Butler
Systems Development Engineer @ Amazon Web Services
Jen Jacobsen
I’m a Full-Stack Developer with over 10 years of experience building modern web and mobile applications. I enjoy working across the full product lifecycle — turning ideas into real, well-built products that are intuitive for users and scalable for businesses.
I particularly enjoy building mobile apps, modern web platforms, and solving complex technical problems in a way that keeps systems clean, reliable, and easy to maintain.
AUXLE
I am a Full Stack Developer experienced in building Websites, Web apps and Cross Platform Mobile Apps for Startups and Companies.
You don't need to be technical. Just describe what's wrong and a verified developer will handle the rest.
Get HelpFrequently Asked Questions
Why does my Base44 app show 'Not Secure'?
This usually means the SSL certificate isn't properly configured or there's mixed content (some resources loading over HTTP). Check your custom domain SSL settings and search for any hardcoded HTTP URLs.
How do I fix mixed content warnings in Base44?
Find any images, scripts, or API calls that use http:// URLs and change them to https://. This includes embedded content, external scripts, and image URLs in your database.