Everyone have covered most of the points . Adding a few more .
- If your site is on HTTPS the browser will not load HTTP requests. (Creates a lot of problems when you are using third party API's which are only on HTTP, Ad-Networks which supports only on HTTP).
- SSL handshake is processed by your web-server. So, for high traffic websites it requires handsome amount of processing power and even the process slows down with increasing load. (Hardware SSL Accelerators are always costly.)
- Setting up SSL is always a headache. Thanks to #LetsCrypt its quite a bit simpler now and FREE.
- Renewing SSL, you always need someone to renew your certificates which is another pain point with HTTPS.
HTTPS usage is increasing with browsers enforcing websites to be on HTTPS. Like Chrome from version 55 (Not Sure) shows RED Insecure for sites on HTTP and Green Secure before the URL.