Because now you have to serve every single bit of your page over SSL (to avoid security warnings) and that means none of your page content can be cached. It also makes relatively mundane things, like having your proxy server communicate the originating ip address, much harder. I can set up haproxy to add an X-Forwarded-For header in almost no time flat. In fact I just gave you enough information to google that solution for yourself. Solving that problem over SSL is much harder.

Engineering a MITM attack is much more technically difficult than snooping traffic. Not every company actually need to turn the security knob up to 11 on this aspect, and being able to do unencrypted-page-with-encrypted-login is a good trade-off when you can make it.