Step 1 (Fill out this form)
Google Chrome labeling of non HTTPS sites
Press ReleaseIn October 2017, Google will begin phase two of its plan to label all HTTP pages as non-secure. With the latest Google requirements to have HTTPS on all sites with a search feature it is now immanent to have SSL setup across the board for your entire site even if your exchange is hosting your checkout pages. Below find two pathways in getting your site setup. One option is for users who have their own SSL and need our team to have it setup for their website. Those users simply pay and administration setup fee for install of the certificate on our servers and the second option is to purchase the certificate directly from us in which case we will take care of everything for you.
More Details About the Google Chrome labeling of non HTTPS sites:
October will mark stage two of Google's plan to label all HTTP pages as 'Not secure' in Chrome.
In January, Google started to label some pages in HTTP as non-secure with the release of Chrome 56. This phase affected pages that transmit sensitive information such as login and payment-card data on the web.
The not-secure label indicated that data is being exchanged on an unencrypted connection. HTTPS, the secure version of HTTP, offers better protection against someone on the same network viewing or modifying the traffic, in what is known as a man-in-the-middle attack.
Beginning in October, Chrome will label HTTP pages as insecure if users can input any data. Google highlights this will apply to any page with a search box.
"Any type of data that users type into websites should not be accessible to others on the network, so starting in version 62 Chrome will show the 'Not secure' warning when users type data into HTTP sites," said Emily Schechter, a Chrome Security Team product manager.
The expanded warnings for HTTP pages will are likely to add pressure on site owners to acquire the necessary SSL/TLS certificates and setup HTTPS on their web servers. Also, warnings for any user-input field cast a wider net than login and payment pages, given the frequency of pages with a search box.
Site owners have about six months from now to enable HTTPS with Chrome 62 due for stable release on October 24.
Firefox maker Mozilla hasn't yet said whether it will follow Chrome's new user input warnings, but it also began displaying 'in-context' warnings for payment and login pages in January.
One site owner discovered the consequences of not enabling HTTPS on payment and login pages in March, and, amusingly, filed a bug report to Mozilla requesting the warnings be removed.
Once you have completed both steps above you will be contacted by a support team member to let you know if any additional information is required and when to expect your site to be setup with HTTPS.