Try adding the email behavior to a blank page without the security applied and see if you are able to get the email to send on that. There shouldn't be any interference on that part, but it would help to determine the issue with less code applied to the page. Also, have you tried running the query from the recordset in the database directly to make sure that the recordset returns values correctly?
For https, you generally just have to save the pages to the secure section on the server if you have your security certificate already set up. You would talk to your service provider to see where you would want to set up the pages.