I’ve had an HTTPS certificate for webmail for a couple of years now, and recently realized that it was valid for any web site here.
So, this website is officially entirely HTTPS, with an automatic mod_rewrite redirect from the HTTP version of the site.
I would like to get a wildcard certificate that could apply to all the subdomains on this domain, but those are expensive. The very cheapest I have found is $150 per year.
Yeah .. no. Going entirely HTTPS for all hosted domains, sub- or otherwise, is a nice fantasy, but I don’t think it will happen any time soon.