I've use WordPress HTTPS in the past and it worked great. I'm not sure why, but it has started giving me an insecure lock icon. Perhaps since I upgraded to 2.04?
The only insecure item it is showing in the console is a sharethis button which I do not even use on the site. I think the shop plug-in is calling for it.
Site is http://www.foodiggity.com