>I did (for Firefox) but the message about a wrong certificate might have driven away people not used to your site. While I personally think going to Https is better (even if spooks will get the data IAC) not having a valid,costly certificate might scare off potential customers. Somewhat Catch 22...
The message they mentioned is the one for people who were already logged. The auto redirection is done automatically.