WordPress.com, the official hosted version of WordPress have switched over to enforcing SSL, while this is mostly a political statement, there is some merit, firstly you might actually have some forms which should be secure, allowing users to communicate using the secure channel https provides, secondly there Google have started giving a slight boost to your PageRank when they see SSL in place.
But if you host your own server, you need to enable and provide a certificate yourself.
First check Apache is listening on 443
netstat -ntpl | grep 443
If all you need is secure forms and a green padlock as I have used here you can use a Rapid SSL Certificate @ $12.99 a year here.
You can also get a suitable free certificate from StartSSL, I have a walk through here for that. If you are able to use LetsEncrypt, they have a great free certificate thats generated from your server.
Here is a great walk through on enabling SSL and copying the certificate and key over to your server.
To redirect http URLs to https, do the following:
ServerName www.example.com Redirect / https://www.example.com/
ServerName www.example.com # ... SSL configuration goes here
Enable SSL for apache
a2enmod ssl
Enable the new SSL config
a2ensite example.com-ssl
Test the new config
apachectl configtest
Restart
sudo /etc/init.d/apache2 restart
Quite often we see that while everything else is working, a firewall might be blocking port 443, check to see if IPTables is blocking
iptables -L -n
If not add the rule
iptables -I INPUT -p tcp --dport 443 -j ACCEPT /etc/init.d/iptables-persistent save
check to see if UFW is blocking
ufw status
If you don’t see HTTPS or SSL listed
UFW allow https
If your padlock is broken, likely you have some non-ssl content that manually needs having it’s url altered. To check for non HTTPS content use this Why no Padlock tool.
This of course is another one of my reminder walkthroughs, that I will update as I find better instructions, and welcome any improvements.