Switched my entire site, namely this

https://michaelbach.de/ot/

fully to HTTPS. Wasn't as difficult as I thought, since my provider (Netbeat) provided certificate etc., and here
https://simonecarletti.com/blog/2016/08/redirect-domain-http-https-www-apache/
I found a good explanation of how to feed the Apache rewrite engine. Thanks!
Then I had to replace every pertinent link on my site, which could be largely automated.

Why did I go through this hassle? The web is a moving target. For instance, I had to port over 100 interactive illusion demos from ActionScript (Flash) to Cappucino (JavaScript), because fewer and fewer browsers and/or platforms support Flash. Sites w/o HTTPS will be ranked down by G. soon, Chrome will soon mark HTTP sites as "unsafe" (which most users will misinterprete), and HTTPS is necessary for the web speedup that HTTP/2 promises.