Around one year ago, Google Chrome announced that they would begin marking all sites that are not encrypted with HTTPS as “not secure” in their browser. This move essentially started shaming websites by displaying a “Not Secure” marker in the address bar. However this happened only when the site collected passwords or credit card info.
Later in 2017, they further announced their next steps towards a more secure internet. In this step the warning came up in two more situations: when people enter data on an HTTP page, and on all HTTP pages visited in Incognito mode.
This war was waged on the grounds that when you load a website over HTTP, someone else on the network can look at or change the site before it gets to you. This definitely was a meaningful fight.
Here’s the rub?—?Chrome has made switching over to https as a basic hygiene for every site. Starting July 2018 Chrome will begin displaying the “Not Secure” mark on all http websites.
For the major players out there this news will not matter. For the very small personal blog/ web sites with dedicated fans, this again might be a trivial affair. However if you were running a fledgling company that was so far unwilling to shell out in buying your own SSL/ TLS certificate this might cause some concerns.
To offset this there are several means by which you can procure your own certificate for free. I wanted to cover some of these in this post.