One of the major problems with setting up HTTPS is that adding the cert is just one aspect of what can be a long process. One of the hurdles is knowing which headers to use to help make the site as secure as possible. For that reason, I put together a post which is kindly hosted by Starwind to go through the headers.

https://www.starwindsoftware.com/blog/demystifying-https