Chrome must be the only modern browser to not indicate an insecure connection ;P
I have my own SSL generator, works great, but many browsers whine that it is self signed.
I sometimes use Comodo's FREE SSL, but it is only good for 3 months before you need to purchase it.

I tried out https://www.sslforfree.com/
Disappointing. Tried manual and FTP methods. Files transfer and authenticate, but no certificate is ever generated.
Instead, get an error message.
https://letsencrypt.org/, which is just a front to https://certbot.eff.org/, is only good for UNIX flavors.
As an estimated 70% of the worlds servers (DEATH to IIS!) are now Apache, and half of those are on XP systems, this is a poor choice.
Fortunately, a number of alternatives are offered at https://community.letsencrypt.org/t/...entations/2103
None of them provide for security encryption over 2048bits, but they work well for most browsers.
Also, most of them are pay services. Like I am going to pay someone to tell me my site is encrypted.

https://gethttpsforfree.com/ works, sometimes, and is the one I recommend to those without knowledge of HTTPS process setup.
Other things people need to keep in mind is updating .htaccess to redirect all http to https; changing vB's settings; slower page loads on large sites.
You also have to make a number of Apache configuration changes, which none of these sites cover.
So it isn't as simple as enter info, get file, store it and you are done.

https://zerossl.com/free-ssl/ is good for almost anyone too as a no brainer and uses a browser setup. Again, this is only to create the SSL cert, not install it or reconfigure an HTTP to HTTPS server.
Pro, you don't have to know hardly a thing about setting up certificates.
Con, it is all automated and you have no control over configuring your certificates.
Also, Pro, it is free.
Con, PitA to have to do this every 3 months when standard is 1-10 years.

Chrome does right now. You just have to click the (i) icon to see "Your connection to this site is not private" in black font. Firefox does the same thing, you also have to click the (i) icon to see "Connection is Not Secure" in red font. It is Microsoft Edge and IE which don't have any indicator when a site is not using SSL (it does display lock icon when using SSL but nothing when not SSL). I couldn't even find anything that says "not secure" even when clicking around the address bar or settings.

The future change in Chrome is it will display "Not Secure" in red font with warning icon and you will see it right away in the address bar without clicking anything. So it's basically "scaring" users to "force" site owners to use SSL. This is for the benefit of site owners. I'm all for it.

I think its a good idea, kudos to google.

The unfortunate thing for me is, my host would charge me $99.00 a year for ssl. Not that I need it on my personal site as its basically just a blog.

I took advantage of a free life time promotional offer by Siteground Hosting. The certificate auto renews once every year.

Enjoy,
William