Educated guess ....
If a resource in Moodle has been uploaded to Moodle, the software uses the $CFG->wwwroot URL (ie, the http:// ) amd records that in the DB. If, later on, one changes the config file to https://, that doesn't change how the link is recorded in the DB. Moodle doesn't use relative addressing.
So check DB for those URL's ... there is a search and replace tool in Moodle but think I'd inspect the tables first and do only one resource change then check it, before using the s&r tool.
'spirit of sharing'. Ken
Security and privacy
About Drupal + Moodle integration
This discussion has been locked so you can no longer reply to it.