So, caveat first. This is not the suggested approach if you are running a transactional website. If you’re going to be losing money for every second your site isn’t working, you ought to do this as a proper planned and tested project.
But if it doesn’t really matter if things don’t work out, and you know how to revert to a previous version of your site, you can just go for it.
Firstly, take a backup using something like ManageWP, which is really easy to use to revert the site in the event of a disaster.
Then install a Lets Encrypt SSL. This is completely host-specific, but most big hosts will have this option for you. It is usually free. Often it’s a self-service option in CPanel.
Once you’ve done that, log into WordPress, and under settings change the URL of the site from http:// to https://
This will probably get you part of the way there, but you still won’t have the green padlock, as you’ll have odd files like CSS, javascript, linked images, hardcoded links etc that will be http, and your browser doesn’t like mixed content – i.e. loading http stuff from within an https page.
Now you can either install a plugin (like Search and Replace) or use PHPMyAdmin to do a global search and replace of your old URL to your new one. Code will be something like this:
UPDATE wp_posts SET post_content = REPLACE (
post_content,
'Item to replace here'
,
'Replacement text here'
);