Canonical points to HTTPS version
This means that the URL in question uses the HTTP protocol, but the canonical URL uses HTTPS.
Why is this important?
With security a growing concern for search engines and search engine marketers alike, it is considered best practice for all websites to use HTTPS as the default and preferred protocol. If a URL is accessible under HTTP, yet states a canonical URL that uses HTTPS, this may cause issues in getting the search engines to recognise and index the 'right' URL (which in this case is assumed to be the HTTPS version).
If HTTP URLs have been found in the crawl, yet they have canonical URLs using HTTPS, it may be the case that the HTTP URLs should not have been crawlable/findable in the first place.
What does the Hint check?
This Hint will trigger for any internal HTTP URL which contains a canonical link element that uses a HTTPS URL as the canonical URL.
Examples that trigger this Hint:
Consider the URL: http://example.com/page-a
The Hint would trigger for this URL if it had a canonical using a HTTPS URL;
Canonical link in the <head> to a HTTPS URL
OR HTTP Header canonical link to a HTTPS URL
How do you resolve this issue?
Generally, if you see this issue it is a result of a misconfiguration. However it could be the case that this is deliberate, and HTTP URLs are supposed to canonical to HTTPS ones.
If it is not deliberate, it may simply be a mistake, in which case you can fix this by switching the canonical URLs from HTTPS to HTTP. Often, this type of issue is controlled by particular rules or page templates, so it might be possible to solve this issue for all or lots of pages at once, with a few changes to the governing rules/templates.
A follow-on question that you may need to investigate: if the site is 'supposed' to use HTTPS, why were HTTP URLs found in crawl?