from what i understand if someone types in your website http they will get an insecure version of your website. they have to type https if they want the secured version. you can make rules in your .htaccess file to forward them to the secure site, however. also its recommended to make sure the hosting of your domain is set to either force people to use www OR not to use it (depending on if you had your certificate set for www.mysite.com or just mysite.com). i do believe dh has it set up for your certificate to work on either one automagically though.
having to buy a ssl certificate is a racket i agree with you on that. people should be able to use self-signed certificates as its all the same type of encryption. its just a scheme between the various signing authorities and the browser makers as you would notice if you visited a site with a self-signed cert the browser would give you some rubbish warning (i get to see it every month when i go to pay my student loan online lol).
anyhow i can't say that i know much about the actual process of getting it working here on DH but if you have set your url up for secured hosting (and i assume you have gotten a static ip which would be required) and you can't get things working you should send in a support ticket so they can see what you're doing wrong.