The home page is not https and it gets redirected to http when tested on whynopadlock.
I've checked /contact-us, /quick-order, /my-account, /order-history, /identity (i.e., pretty much all HTTPS pages), and they all give the same error on whynopadlock:
Insecure <form> call.
Found on line # 1
And Chrome dev tools show:
Mixed Content: The page at 'https://mydomain.com/----' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://mydomain.com/'. This endpoint should be made available over a secure connection.
Thank you.