From July 1st, Google Chrome 68 will be released which aims to further take the fight to websites that are still running without an SSL certificate, and are therefore insecure. Any sites that do not have SSL Certificates will be prominently marked in the address bar:


The purpose of installing an SSL certificate is to encrypt the data travelling between your website and your visitors, ensuring that malicious third-parties canâ™t get their hands on the sensitive data your customers may be typing into your website, such as passwords or credit card details.

What are the changes?

Currently, Google Chrome (which around half of all internet users use to browse online) warns users by placing a âNot secureâ label in the address bar if they are visiting an insecure web page that contains a credit card or password input field.

These warnings are set to extend to a further two scenarios:

• When a user fills in ANY input field type on an insecure web page (such as a contact form)
• ALL insecure web pages when browsing via incognito mode

Google Chrome eventually plans to extend this warning to users to show for ALL insecure web pages, whether or not they have any particular types of input fields on them and regardless of whether they are being viewed in regular or incognito browsing modes. (You can read their full announcement on the changes here!)

So, if youâ™re still running your website without an SSL certificate, now is definitely the time to make the switch over from http to https!

How do I know if I already have an SSL certificate installed/enabled?

First, try to visit your website without using any http or https prefix (to see whether your site automatically loads in http or https), for example, type: âyourdomain.com.auâ into your browserâ™s address bar. If the site loads okay and you can see the padlock in your browserâ™s address bar, this means your site has an SSL certificate both installed and enabled, and nothing further needs to be done!

If your site loads but isnâ™t showing the padlock, try instead typing your website address into your address bar including the https prefix, such as: âhttps://yourdomain.com.auâ. If the site loads okay, that means you have an SSL certificate installed, but it is either not enabled, or you have mixed content which is preventing the page from being fully secure.

If the site doesnâ™t load at all this way, that means you do not have an SSL certificate installed/enabled correctly.

We highly encourage all e-commerce sites to purchase an SSL certificate for maximum protection and enhanced customer trust.

What is mixed content?

Mixed content means you have an SSL certificate installed and enabled, but something on your web page is being loaded insecurely via an http link. This could be anything from an image within your code which is being called to using its old http link, rather than its new https link. It could also be a plugin you are using to insert some other feature on your page.

Why No Padlock? is a handy tool to help you determine if you have any mixed content, and what that mixed content specifically is. Once youâ™ve found the culprit(s), if any, updating the link(s) to use https should solve the issue.

Weâ™d recommend consulting your web developer if you are unsure how to tackle any of the above, as they will be able to assist you in determining and resolving any mixed content errors.

How do I get an SSL certificate?

You can contact us here to have us assist you in choosing the right option, or answering any other questions you may have!