Currently on the forum (forum.chyoa.com), we get a 301 redirect to plain http without encryption. Users transmit login data (and probably use the same password as for chyoa.com), and in my opinion that should be reason enough to enable https by default, to transmit that data securely. You already have a valid certificate (*.chyoa.com) as well.
