Ssl wild card certificates can use the same certificate to cover several subdomain names. As in https://wiki.funtoo.org https://www.funtoo.org https://forums.funtoo.org can all use the same certificate. https://funtoo.org would not be covered under the wildcard, so Threesixes (talk) suggests using http://domain.tld as a http navigation splash page directory. All that is required to setup a ca signed ssl certificate is an email on the server. https://www.startssl.com offers free ssl ca certificates, though there are several other certificate providers. Some web applications have http hard coded into the css style sheets urls instead of using relative urls, so they need to be changed to https or relative if you lose your styles.
Web servers come in several varieties. The most common stack is known as LAMP which stands for linux apache mysql php. Threesixes (talk) suggests setting up the web server stack by selecting the database first, then scripting language second, and web server 3rd.
Reverse Proxies & load balancing
Reverse proxies are useful, they cache static data, and shuck out cached pages rather than hitting the web server. Several web servers have this functionality built in.
There are several considerations to take into account with a web server install, such as setting up an email server, setting up a firewall, firewalling web applications, and dynamically firewalling attackers.
It's a good idea to benchmark your system, server, & websites. There are several tools to assist you in doing this.