Google Chrome is Warning Visitors About Websites Lacking HTTPS
Problem
The latest Google Chrome web browser, version 68, made available on Tuesday, July 24, 2018, is showing warnings for websites and webpages that use Hypertext Transfer Protocol (HTTP) instead of Hypertext Transfer Protocol Secure (HTTPS). More and more web visitors will see the warnings as more and more visitors upgrade to Google Chrome 68.
Essent Service Impact Analysis
The change was expected as technology companies have urged website owners for years to have websites encrypt all traffic by default. HTTPS is the encrypted version of HTTP, the protocol that allows a web browser to request and retrieve a webpage from a web server.
Google and other technology companies have endorsed using HTTPS for every page at all times – Always-On Encryption – to help ensure that activity stays private regardless if the data itself is sensitive. The Chrome update is enforcing Google's policy and takes the extra step of explicitly warning visitors when they are on an un-encrypted page.
Essent SiteBuilder customers who don't use security certificates for their domain are affected, as are customers who have acquired a security certificate but have not configured SiteBuilder to use the HTTPS protocol at all times by default.
Corrective Action
If the site doesn't have a security certificate procured, one must be procured. Contact Essent Systems Integration for assistance in procuring a certificate.
When the certificate is procured, the customer must configure the SiteBuilderwebsite to secure all connections:
1. Go to the Site Detail section of the Site Settings
2. Update the Secure Connections setting to ‘All Connections’
3. Click the Save button to update the site.
Once the configuration of the site has been updated, SiteBuilder will automatically publish all pages using HTTPS and redirect all incoming HTTP traffic to use HTTPS. Chrome users will no longer see the ‘Not Secure’ warning due to the page being transmitted using HTTP.