Chrome, the browser, will introduce a new protocol that automatically places your site as insecure if you do not show it in https. This means that if your site uses http and the page has a POST protocol then Chrome will issue a message to the viewer. To avoid this all POST and data sensitive pages will need to be https only.
I did this for the Community and it was quite a workout. Besides changing the configuration I had to go through thousands of files and update everyone. I then had to go through various fields of the database and update calls to URLs. Certain http_referrs gave trouble because of the https protocol so I had to fix those too. It is a long process that has to be carefully undertaken so there isn't unnecessary down time. Now I have to do this for all the other sites!