You have to install SSL support on your webserver (may be it's already done) Then you must configure your webserver to use your server SSL certificate and private key. Then your users will be able to connect to your server using https:// All data exchange using https:// between client and server will be encrypted.
On most hosts (especially cpanel/whm based) , the content of https:// address is in private_html and not the public_html folder. It's essentially another domain (or subdomain), that runs off port 443 instead of port 80. SSL can only be used over a secured connection otherwise what's the point of verification, the SSL certificate does not make your connection secured or encrypted but instead aids in the assistance of ownership verification, so when a user visits https://www.yoursite.com the SSL certificate makes the padlock (depending on browsers) show that the domain name and the certificate matches, and as such should be secure and not a phishing attempt. You also need a unique IP for your https:// address in order for the certificate to be valid. Meaning the domain cannot share the same IP as other domains on your server (which means using an SSL connection on a shared hosting provider is rather unlikely).
Yes. This can be done through 302 redirect which can be set up in .htaccess On your secure version of site use relative links to avoid accidentally users to degrade to insecure communication.
Because a password protected login alone does not actually encrypt the communication to and from the server itself. Without it, its possible for the communication to become intercepted. Kinda like someone watching over your shoulder as you use the ATM.
If you need help, let me know. You will need a dedicated IP and a purchased ssl. If you are on a cPanel host, provide them with the ssl info and they should install it. Also, you can make the redirect as many others have said in .htaccess.
is the separate ip is must for SSL? if i running 3 site in my dedicated server using same Ip so it's no possible with same ip?
1 domain = 1 ip Otherwise the SSL certificate is somewhat pointless. IF you have a dedicated server, and its on a cpanel/whm setup, you could always put the other domains on their own IP (assuming your host provided you with more than 1 or 2). The certificate is a way of authenicating with a browser that your site and the IP it's on is unique and truly the site visitor's are expecting (especially since it can do a reverse dns lookup, and if the site you got the SSL for, doesn't show up in the reverse lookup, its not considered valid).