Because of Let's Encrypt! Let's Encrypt is the first non-profit certificate authority (CA), sponsored by Google Chrome, Mozilla, Facebook, Cisco, IdenTrust, GitHub and many other famous brands. We use the ACME V2 API of Let's Encrypt to validate domains and issue Free SSL Certificate.
My website doesn't accept credit card. Why do I need an SSL certificate?
The concept of making SSL secured website only to accept credit card is too old. The world wide web is moving towards complete HTTPS. Google Chrome, Mozilla Firefox, Safari, Opera, Microsoft Edge, etc. all the major browsers are enforcing more and more strict security policy to protect users data.
Since January 2017, Google Chrome shows 'Not secure' flag on any website that has a password field or credit card field but not has an SSL certificate installed.
Since October 2017, Chrome has implemented more strict security policy; it displays 'Not secure' flag on any non-https page that accepts any user inputs.
In July 2018 Google Chrome started to mark all the HTTP websites as 'Not secure' (even if it doesn't accept user input) with the release of Chrome 68.
Starting from October 2018 Google Chrome will mark the HTTP websites as "Not secure" with red color if the user starts typing in an input field.
Firefox shows lock icon with red strike-through on all websites which still depends on the non-https protocol.
Firefox also shows a warning message when a user clicks on the login form: "This connection is not secure. Logins entered here could be compromised."
Safari displays "Website Not Secure" warning in red on any website with a login form which is not protected with https.
Opera shows 'Login not secure' while user clicks on username/password field of a login form that is not secured by https.
Now if the visitors see 'Not secure' flag on your website, what impact will they have?