@Chris_Palmer I agree w/ @fullyint that it’s probably a mixed content issue. I don’t believe your site is a Bedrock site. The site/home urls in your database have the correct protocol. Your wp-config.php did statically define those URLs (to the wrong protocol) at one point, but they were commented out before I started looking at it.
I went back and took another look at the theme files, and while there were a number of non-https hard-coded URLs, there are a number that are using what should be the correct functions to get URLs, so it seems like there’s something in there telling WordPress it’s on a non-SSL site.