1. Login to Cloudflare.com and navigate to Page Rules (under the sprocket Icon right side of screen)
2. Click Always Use HTTPS on by clicking to the left of OFF to turn On.
3. Add the Rule Pattern the following way:
http://yourdomain.com/*
Replace your domain with your actual domain name. .com, .net etc.
4. Click Add Rule and wait at least 60 seconds before checking the website.
Note: This works best with old fashioned websites. For database driven websites additional work may be needed.

1. If you are running WordPress or a WordPress Network (formerly MU) a good plugin is WordPress HTTPS. It does not affect your database so disabling the plugin should work if it causes any issues. See plugin FAQ’s to remove a single line using FTP file editor or Control Panel to disable quickly without removing the whole plugin.
2. You may also have issues with images and other insecure items on your website. There is no easy fix if you have a lot of pictures. You can try a Find and Replace plugin to remove the http: in front of your image file links. Simply using //domain.com/wp-content/uploads/year/month/imagefilename.jpg etc should work to restore missing images.
3. To try and fix the Padlock showing up with a warning you can try adding the following code to your wp-config.php file. Does not work in all cases:
// Amazon AWS Elastic Load Balancer, CloudFlare, and some others
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS']='on';

If you see https:// but do not see a padlock you can visit this website to discover why.

https://www.whynopadlock.com/