Mixed content linked correctly still shows error on chrome

Question

I have a website that uses an SSL certificate and redirects all http links to https. It still shows a mixed content warning on Chrome for all images I'm trying to load. I've tried everything, I went to this page:

https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content#alternatives_to_csp

That was quite helpful but didn't solve my issue. I tried adding the suggested meta tag to my <head> but that simply blocked all images, which confirms that Chrome thinks the images aren't hosted securely. They most definitely are! If you go to:

http://www.growconomy.net/img/background.png

You can see that it automatically redirects to https! Even more, I changed all image links to https in my source code, so this shouldn't even matter. But my images are 100% pulled from the https link, I don't know why or how chrome pulls them from http.

You can check the website out here: http://www.growconomy.net

I'm interested to see if you receive the same warnings. It's quite annoying as the majority of people use Chrome and will therefore see the warning while it's not necessary as far as my knowledge goes. What could this possibly be?

My .htaccess file looks like this:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.growconomy.net [NC]
RewriteRule ^(.*)$ https://growconomy.net/$1 [L,R=301]

RewriteEngine On
RewriteCond %{THE_REQUEST} ^.*/index\.php 
RewriteRule ^(.*)index.php$ /$1 [R=301,L] 

Answer 1

All of your resources are redirecting from HTTPS to HTTP. So even though all the image URLs begin with https:// in the HTML, the response redirects from https://www.growconomy.net/img/favicon.ico to http://growconomy.net/img/favicon.ico and so on. Fix the redirects and the warning will go away. Chrome's network tab will show what the 301 and 302 redirects are.