You would need to redirect your customers to be covered by the SSL when they are checking out.
At the top of your checkout.php page add this code
<?php
if (!isset($_SERVER['HTTPS']) || (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'on')) {
header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']);
die();
}
?>
then if you ever want to force back from https to the regular site then use:
<?php
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') {
header("Location: http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']);
die();
}
?>
This will redirect you customers to the SSL side to checkout