New Moodle installation open with broken css/js: Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an insecure script

Symptoms

• New Moodle installation opens with a broken css/js. The following error is displayed in the web browser's console:

  CONFIG_TEXT: Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an insecure script 'http://example.com/theme/yui_combo.php?rollup/3.17.2/yui-moodlesimple-min.js'. This request has been blocked; the content must be served over HTTPS.

• Domains > example.com > Hosting Settings > SSL Support and Permanent SEO-safe 301 redirect from HTTP to HTTPS are enabled.

• Domains > example.com > File manager > httpdocs > config.php > $CFG->wwwroot is set to use the HTTP protocol: http://example.com.

Cause

Moodle can only handle one protocol at a time.
This has been reported as bug APSI-1566 which will be fixed in future updates.

Resolution

1. Log into Plesk.

2. Go to Domains > example.com > File manager > httpdocs > config.php and change the HTTP protocol to HTTPS for $CFG->wwwroot:

   Before:

   CONFIG_TEXT: $CFG->wwwroot = 'http://example.com';

   After:

   CONFIG_TEXT: $CFG->wwwroot = 'https://example.com';

3. Click OK.