My blog is, and has been, hosted with 1and1 for many years. While I've had some minor issues during that time, I've been generally happy with their hosting. Recently I noticed that they now offer a free SSL certificate. The free certificate only covers one domain and no sub-domains, but that's all I needed for robservatory. I must say that 1and1 has made this incredibly easy: Enabling the certificate only took a couple mouse clicks, and it was active a minute or two later.
Getting the site actually secured, though, was and is a different story. You should see the secure site indicator on the front page, at least, indicating that you've made a secure connection to the site…
Once you navigate back into the older posts, however, you'll probably lose the lock indicator. The connection is still secure, but the older posts have hardcoded image paths that start with http://, so they load non-securely.
I'm using that as an excuse to go through my old posts and update broken links, etc. This takes a while, but it's a good thing to do every so often. And note to self, never hardcode the full URL—I have no idea why I did that!
And yes, I could just do a mass replace in the database, but the audit has already helped me fix a couple handfuls of posts with errors.