diff --git a/.circleci/config.yml b/.circleci/config.yml
index bd6a63ec..57619e52 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -95,7 +95,7 @@ jobs:
 name: Helm install stackstorm-ha chart
 command: |
 # disable mongodb-ha chart persistent volumes as cluster can't start in CircleCI/KinD env
- helm install --debug --name stackstorm-ha . \
+ helm install --debug --wait --name stackstorm-ha . \
 --set mongodb-ha.persistentVolume.enabled=false
 - run:
 when: always
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5bead384..de7ec4cf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,9 @@
 ## In Development
+## v0.16.0
+* st2web now uses HTTP by default (#72). We now recommend you rely on `LoadBalancer` or `Ingress` to add HTTPS layer on top of it.
 ## v0.15.0
 * Add support for ingress (#68)
diff --git a/Chart.yaml b/Chart.yaml
index 1f2b7aa9..9371c561 100644
--- a/Chart.yaml
+++ b/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 # Update StackStorm version here to rely on other Docker images tags
 appVersion: 3.1dev
 name: stackstorm-ha
-version: 0.15.0
+version: 0.16.0
 description: StackStorm K8s Helm Chart, optimized for running StackStorm in HA environment.
 home: https://stackstorm.com/#product
 icon: https://avatars1.githubusercontent.com/u/4969009
diff --git a/README.md b/README.md
index b47f38ad..c1505846 100644
--- a/README.md
+++ b/README.md
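Review bot: The new `--wait` on the helm install line comes without `--timeout`, so the step depends on Helm's default wait budget (300 s in Helm 2); mongodb-ha and the other chart pods starting inside KinD can plausibly exceed that, and the job would then fail on a timeout rather than on a chart problem. An explicit budget, e.g. `helm install --debug --wait --timeout 600 --name stackstorm-ha . \`, makes the limit visible and easy to tune. Note also that st2web has no readinessProbe (see the TODO in templates/deployments.yaml in this same diff), so `--wait` considers it ready as soon as its container is running. The `run` step's `command:` block scalar continues past the hunk.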
@@ -83,6 +83,7 @@ kubectl exec -it ${ST2CLIENT} /bin/bash
 ### [st2web](https://docs.stackstorm.com/latest/reference/ha.html#nginx-and-load-balancing)
 st2web is a StackStorm Web UI admin dashboard. By default, st2web K8s config includes a Pod Deployment and a Service. `2` replicas (configurable) of st2web serve the web app and proxy requests to st2auth, st2api, st2stream.
+By default, st2web uses HTTP instead of HTTPS. We recommend you rely on `LoadBalancer` or `Ingress` to add HTTPS layer on top of it.
 > **Note!** By default, st2web is a NodePort Service and is not exposed to the public net. If your Kubernetes cluster setup supports the LoadBalancer service type, you can edit the corresponding helm values to configure st2web as a LoadBalancer service in order to expose it and the services it proxies to the public net.
diff --git a/templates/NOTES.txt b/templates/NOTES.txt
index 3cec7413..c104bd95 100644
--- a/templates/NOTES.txt
+++ b/templates/NOTES.txt
@@ -18,14 +18,14 @@ echo https://${ST2WEB_IP}/
 {{- else if contains "ClusterIP" .Values.st2web.service.type }}
-echo https://127.0.0.1:8443
-kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ .Release.Name }}-st2web{{ template "enterpriseSuffix" . }} 8443:443
+echo http://127.0.0.1:8080
+kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ .Release.Name }}-st2web{{ template "enterpriseSuffix" . }} 8080:80
 {{- else if contains "NodePort" .Values.st2web.service.type }}
 export ST2WEB_IP=$(minikube ip 2>/dev/null || kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
 export ST2WEB_PORT="$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ .Release.Name }}-st2web{{ template "enterpriseSuffix" . }})"
-echo https://${ST2WEB_IP}:${ST2WEB_PORT}/
+echo http://${ST2WEB_IP}:${ST2WEB_PORT}/
 {{- end }}
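Review bot: The hunk header shows `echo https://${ST2WEB_IP}/`, which appears to be the LoadBalancer branch of the same `{{- if }}` chain; it keeps printing an HTTPS URL while the ClusterIP and NodePort branches below switch to `http://` and the Service now exposes plain port 80, so unless the cloud load balancer terminates TLS that URL will not connect. The NodePort URL `http://${ST2WEB_IP}:${ST2WEB_PORT}/` also means st2auth credentials typed into the UI cross the network in cleartext; the README hunk states the HTTPS-in-front expectation, but the rendered notes, which are what the operator actually sees, do not. One line after the `{{- end }}` would close that gap, e.g. `NOTE: st2web serves plain HTTP; put a TLS-terminating LoadBalancer or Ingress in front of it before exposing it beyond localhost.` The `{{- if }}` chain starts before the hunk.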
diff --git a/templates/deployments.yaml b/templates/deployments.yaml
index d52e4933..885891fa 100644
--- a/templates/deployments.yaml
+++ b/templates/deployments.yaml
@@ -338,8 +338,6 @@ spec:
 chart: {{ .Chart.Name }}-{{ .Chart.Version }}
 release: {{ .Release.Name }}
 heritage: {{ .Release.Service }}
- annotations:
- checksum/ssl: {{ include (print $.Template.BasePath "/secrets_st2web.yaml") . | sha256sum }}
 spec:
 {{- if .Values.enterprise.enabled }}
 imagePullSecrets:
@@ -350,13 +348,13 @@ spec:
 image: "{{ template "imageRepository" . }}/st2web{{ template "enterpriseSuffix" . }}:{{ .Chart.AppVersion }}"
 imagePullPolicy: {{ .Values.image.pullPolicy }}
 ports:
- - containerPort: 443
+ - containerPort: 80
 # Probe to check if app is running. Failure will lead to a pod restart.
 livenessProbe:
 httpGet:
- scheme: HTTPS
+ scheme: HTTP
 path: /
- port: 443
+ port: 80
 initialDelaySeconds: 1
 # Probe to check if app is ready to serve traffic. Failure will lead to temp stop serving traffic.
 # TODO: Failing to add readinessProbe, since st2 requires authorization (401) and we don't have `/healthz` endpoints yet (https://github.com/StackStorm/st2/issues/4020)
@@ -373,25 +371,10 @@ spec:
 - configMapRef:
 name: {{ .Release.Name }}-st2-urls
 optional: true
- volumeMounts:
- - name: st2web-ssl-cert
- mountPath: /etc/ssl/st2/
- readOnly: true
+ volumeMounts: []
 resources:
 {{ toYaml .Values.st2web.resources | indent 10 }}
- volumes:
- - name: st2web-ssl-cert
- secret:
- secretName: {{ .Release.Name }}-st2web
- items:
- - key: ssl_certificate
- path: st2.crt
- # 0400 file permission
- mode: 256
- - key: ssl_certificate_key
- path: st2.key
- # 0400 file permission
- mode: 256
+ volumes: []
 {{- with .Values.st2web.nodeSelector }}
 nodeSelector:
 {{ toYaml . | indent 8 }}
diff --git a/templates/ingress.yaml b/templates/ingress.yaml
index 47c50b81..04c432c5 100644
--- a/templates/ingress.yaml
+++ b/templates/ingress.yaml
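Review bot: The second hunk switches `containerPort` and the liveness probe to plain HTTP on 80, which assumes the st2web image tagged `{{ .Chart.AppVersion }}` (3.1dev per the Chart.yaml hunk) runs nginx on 80 without TLS; nothing in this diff touches the image, and on an image that still only listens on 443 the probe would fail and restart the pod in a loop. A comment at `- containerPort: 80` would record that contract, e.g. `# st2web nginx serves plain HTTP; TLS is expected to be terminated by the LoadBalancer/Ingress in front of the Service`. In the third hunk `volumeMounts: []` and `volumes: []` are valid, but elsewhere in this template optional fields are omitted rather than set to empty lists; if the empty lists are kept as extension points for custom certificates, a short comment saying so would make that intent explicit. The container spec begins and ends outside these hunks.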
@@ -40,7 +40,7 @@ spec:
 - path: "/*"
 backend:
 serviceName: {{ .Release.Name }}-st2web{{ template "enterpriseSuffix" . }}
- servicePort: "443"
+ servicePort: "80"
 {{- end }}
 {{- if .Values.ingress.tls }}
 tls:
diff --git a/templates/secrets_st2web.yaml b/templates/secrets_st2web.yaml
deleted file mode 100644
index 05bbbf2b..00000000
--- a/templates/secrets_st2web.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Release.Name }}-st2web
- annotations:
- description: SSL Certificate, used in nginx to serve StackStorm Web UI and services on HTTPS
- labels:
- app: st2web
- tier: frontend
- vendor: stackstorm
- support: {{ template "supportMethod" . }}
- chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
- release: "{{ .Release.Name }}"
- heritage: "{{ .Release.Service }}"
-type: Opaque
-data:
- # SSL Certificate used for StackStorm Web UI in nginx (HTTPS)
- ssl_certificate: {{ required "A valid secret 'ssl_certificate' is required for st2web!" .Values.secrets.st2web.ssl_certificate | b64enc | quote }}
- # SSL Certificate private key used for StackStorm Web UI in nginx (HTTPS)
- ssl_certificate_key: {{ required "A valid secret 'ssl_certificate_key' is required for st2web!" .Values.secrets.st2web.ssl_certificate_key | b64enc | quote }}
diff --git a/templates/services.yaml b/templates/services.yaml
index b3eaa099..915f0099 100644
--- a/templates/services.yaml
+++ b/templates/services.yaml
@@ -107,7 +107,7 @@ spec:
 {{- end }}
 ports:
 - protocol: TCP
- port: 443
+ port: 80
 {{ if .Values.st2chatops.enabled -}}
 ---
diff --git a/values.yaml b/values.yaml
index 88689358..5d1ad0a6 100644
--- a/values.yaml
+++ b/values.yaml
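Review bot: `servicePort: "80"` is a quoted string, so the Ingress backend carries a string-typed IntOrString; consumers that follow that type strictly resolve it as a port name, and the Service port changed in templates/services.yaml (`port: 80`) has no `name`, so only controllers that additionally compare numeric strings against the port number (ingress-nginx does) would match it. Writing `servicePort: 80` unquoted, or giving the Service port `name: http` and referencing `servicePort: http`, works under either resolution. The quoting pre-dates this commit (`"443"` had it too), so this is carried over rather than introduced; the `rules:` block starts before the hunk.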
@@ -189,66 +189,6 @@ secrets:
 WE8BWLQ1vBV6c7V4Q0Wp6LuTnNnvu/lvVugJW/TbrzFw6CFe5fEISmIHAMnqVz8x
 OdOJyinSM1svoBGnYfyAqINKrqCSGSKmprlMo0Ma3erI7SuojWBS
 -----END RSA PRIVATE KEY-----
- st2web:
- # SSL Certificate used for StackStorm Web UI in nginx (HTTPS)
- # Warning! This is dummy auto-generated self-signed SSL cert. Use your own instead!
- # TODO: For prod/stable consider auto-generating if no cert provided (#15)
- ssl_certificate: |-
- -----BEGIN CERTIFICATE-----
- MIID2zCCAsOgAwIBAgIJANcrpXluUyomMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYD
- VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTESMBAGA1UEBwwJUGFsbyBBbHRv
- MRMwEQYDVQQKDApTdGFja1N0b3JtMSEwHwYDVQQLDBhJbmZvcm1hdGlvbiAgIFRl
- Y2hub2xvZ3kxEzARBgNVBAMMCnN0YWNrc3Rvcm0wHhcNMTgwNTIzMTQxMDMyWhcN
- MTkwNTIzMTQxMDMyWjCBgzELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3Ju
- aWExEjAQBgNVBAcMCVBhbG8gQWx0bzETMBEGA1UECgwKU3RhY2tTdG9ybTEhMB8G
- A1UECwwYSW5mb3JtYXRpb24gICBUZWNobm9sb2d5MRMwEQYDVQQDDApzdGFja3N0
- b3JtMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5r2f8xtKToZM3rMS
- J+gcpRjCIACv4ivJDxhhOJ1L9WXpR5UGUtftuiRKvhQA6lW0buPyAWnIDdEyUKHa
- QoPPYfB/mmuu5qc14JLJ9swzqkfHkgcgi1DjXFg8GkfWKXymtD2F/jU+Mf94NS9P
- kfZO7mAfOMjsX18J7Vmq/Jk2dYOmbQHsj549VNUcaj4HEmf52cqHlJCAdl8gVJ0H
- 8NDJwDkb1okNKqCMLu5sR3ffmTnVO+zxsNIZMnngevWfhkLkYdEpxraL0Dyi8HkA
- 004cvPryoit4sucYvEWU2ZWBjBtOFJmqH8QQYei/G9JDVjfXk8KoRm1EvH1G3Hab
- 6wmB0QIDAQABo1AwTjAdBgNVHQ4EFgQUrTArdEoZeiCoYs5xp+BDp9/AlhowHwYD
- VR0jBBgwFoAUrTArdEoZeiCoYs5xp+BDp9/AlhowDAYDVR0TBAUwAwEB/zANBgkq
- hkiG9w0BAQsFAAOCAQEAjhMlepcXlWlbr7HcwDX0bNAAze+tJ/NVQGAkl92Nu/9L
- KsJmObhFEJmok4ZuYhzeVlNRVkC465oHhDLOjUzZoZ6y4hiyH8YJacnZ8mpFFxcc
- /s18QEw5+G6/xTAzTsrvN2aS+M6qVfEM2tmtwzb7cE14nExLrKq9MGZ6c9qBbH/k
- YP18QVLx89mBcrWHzbUmCXkVzVxcII2U2CyPhGoHpN054oZ9XT5r0p/JqWLl2wEh
- 6iNbkxysfAeB2J0tY10uSWCzQuQ1UtzDaBkGUHd+UKR98EcduoNqMoUIwkAu0gjk
- k8kkryYUKpQ/OAiyXIDJiR9lWPGG1Kr8ZqOwjeCRKw==
- -----END CERTIFICATE-----
- # SSL Certificate private key used for StackStorm Web UI in nginx (HTTPS)
- # Warning! 
This is dummy auto-generated self-signed SSL cert. Use your own instead!
- # TODO: For prod/stable consider auto-generating if no cert provided (#15)
- ssl_certificate_key: |-
- -----BEGIN PRIVATE KEY-----
- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDmvZ/zG0pOhkze
- sxIn6BylGMIgAK/iK8kPGGE4nUv1ZelHlQZS1+26JEq+FADqVbRu4/IBacgN0TJQ
- odpCg89h8H+aa67mpzXgksn2zDOqR8eSByCLUONcWDwaR9YpfKa0PYX+NT4x/3g1
- L0+R9k7uYB84yOxfXwntWar8mTZ1g6ZtAeyPnj1U1RxqPgcSZ/nZyoeUkIB2XyBU
- nQfw0MnAORvWiQ0qoIwu7mxHd9+ZOdU77PGw0hkyeeB69Z+GQuRh0SnGtovQPKLw
- eQDTThy8+vKiK3iy5xi8RZTZlYGMG04UmaofxBBh6L8b0kNWN9eTwqhGbUS8fUbc
- dpvrCYHRAgMBAAECggEBAKiTETCDV55W8AIjwbf2FDdqBylqVxVd995XaW/7O2tl
- sTDi52PO7Zd4vEJyStjpFJGPZ1cw+T9e/ut51AOUWQastg0TbwyETRBtLbBpL7XQ
- CzXcjyI5TmJA9Gge45AbyY8VA7fdHjtY8XGpxvBUiwYMo8LQyCBFRvNo90rkhK0E
- xk+mk+DhVFTFvJbYhENTAA8iCq3GeeA7tC+hwOkyNUeyiroIYa1m9uwIPFHS4gxF
- +uCRsTnhOxUVzxfAWsWBZDe0Yo5zVHl7xwFfse1T//vbwoF5ouIP2IjbwGveCbeW
- hunsYOPdkkT8rdszyLmrfrpA6Bc0tHKuOz9fJRcCuSECgYEA+9RIc/mzz0AI09oA
- 8vNWYImgPRa0l+AxX3EuL/xx49i8swpELtjNzsz0H1J0nY6baPMaoxj4TEJFxT7c
- X5NSltcZlxxAxi5WdEpJSdSvznNTKpYVqyDkJWN+1NuoW5e8LOMOuR3NRx7ogA2P
- o2NpsbShIp22odMaj1tW9kED+N8CgYEA6o/uBVs+y2Fv7Y86PSnaBJPzO07YO1xG
- tan0zr4TBp2o4YX5sgSdCSlZmSsrGi5Vq20RsBkOg4w8o4ZFYPBZmi+xDyomiibA
- qssbYTTovwooy5y5LMO+HSz0ClWe17v+o/M0OWwM/uLZ/dOb309NT81A58f0jZIn
- 6ghnWscF608CgYBmAxRmhpxkNBhfWUxRHmm7KYUTugLmExdtBjgjkCvClKW8EUiV
- gZW9VCEAHzLGMGKcHP6JWzAaFC6XPGOhA9jM6c2f/P3wSg0ThpQxqEqfYvAprCqS
- 6/v/eVKDf4evssOzmzb3ni7txIOCe/vXwAmsxvMPRrwYyZ9Uuzd7AdNOGQKBgB8G
- Alk7BEcqD/+/ndhRHMDWQKlreDYBsmh8niBqC2IooBmT+r6M1ahMi8kyaHUCA9q0
- hk5gQgcsGSkXrT1xDKjT/fsffBFxprHwQyLMOKxrz5F+nQ9KpG5/b5eeU2/9MWTF
- 2fZuUBm2L1bfEhKrDnKrlxYQ4EuJNTZC/kiHYkUJAoGBAICBQqCOkFaugy0obNvD
- BRmc3S5gNeMQHangZKKO1I0hnK0WeWV/D/sTNY1GxxPNhHfU3yfQvfI+Kswspi/b
- ofUOhwAXuMsTtuLagOMyAJVs+KRVrvnXGT/p9l213ZAnDtFSpkvcjD9WUcupeTca
- BjdoJBzImjVB5znOgIui3ME5
- -----END PRIVATE KEY-----
 ##
 ## StackStorm HA Cluster pod settings for each individual 
service/component.