What is the importance of installing SSL certificates for E-commerce websites? If we convert one site from http to https, what will happen to the http pages? Will they automatically redirect?
If you have a web site that handles commerce without SSL/TLS then its like doing business in the open.
Anyone in between you and the customer can observe the information you send back and forth. Names, passwords, addresses, credit card data, etc.
Install TLS ( commonly called SSL the old standard name. ) and configure your server to use SSL and set cscart to always use it.
You are required to do this is you are accepting credit cards anyways. There are standards called PCI that are issued by the credit card companies. If there's an incident of fraud caused by your site being compromised adn you did not certify your PCI compliance you will be held accountable for the losses.
What is the importance of installing SSL certificates for E-commerce websites? If we convert one site from http to https, what will happen to the http pages? Will they automatically redirect?
Yes, in default CS-Cart all the links are dynamic and customer will be automatically redirected to the https from http pages.
You should be ensure that your SSL certificate is signed by SHA-2. The most popular browsers wouldn't be accepting SHA-1 certificates very soon. Unfortunately, SHA-2 is not supported on many legacy devices and browsers. So that's why you don't have to buy SHA-1.
Also we recommend to disable weak ciphers and switch to TLS 1.2 to prevent attack on protocol SSL (POODLE, LOGJAM, Heartbleed, ...). If you need a help with security, please contact our sales team (sales@simtechdev.com) and we will help you configure the server properly.