Hi Fay Vor I am working around through Google Cloud and I've a bit of experience as System and server administration. However I assume that you know, HTTPS is basically http over tls.
In order to provide encryption towards your requests, you need to purchase a valid certificate from valid vendors and keep it in your ssl key store. In the config file you need to enable tls with given algorithms.
If you are going to purchase a tls certificate then the vendor can do a lot of help than the help i can do.
To my knowledge there are no opensource certificate providers. A bit of research might help you to know if amazon does provide at reduced prices.
Regards
Shiva