Changing to and creating a new domain in TLS (https) have different SEO affects.
https://www.searchenginejournal.com/...-guide/195103/
This is a pretty good list ...
TLS/SSL is only needed for user data entry really. Who is going to packet sniff your web surfing realistically? Any webserver .pem files that are from a trusted source -- the NSA, or other countries' spy agencies will be able to obtain decryption one way or another if they want to. HTTPS security, if you are a government target is a joke.
Gmail is HTTPS and gets hacked all the time by social engineering and phishing.
I think this HTTPS is really a Google scam to eliminate a lot of the web they have to index -- thus lowering their expenses. Either that or: Googlers all wear tin foil hats in the Googleplex
I have a script to scrape Google SERPs. I am going to analyze the HTTPS boost but it will only be subjective, as Google has bullied the webmaster community in converting their sites to HTTPS.