Unless your host supports Let's Encrypt; Let's Encrypt's SSL offerings can be used on shared ip addresses. Plus, they're free.
Determine what type of SSL is needed and purchase
Unless you're providing order processing and your merchant requires location information, you can get away with any StarterSSL certificate (the cheap ones).
Set up a Redirect HTTP >> HTTPS (with 'Wildcard')
There are a lot of snippits on Google for "Force HTTPS htaccess".
End result is any old links using HTTP will be redirected to New HTTPS secure page
Yes, but you'll likely want to update old links, which would involve database maintenance.
Keep in mind that 3rd party assets (embedding content from other sites that are not SSL, such as Photobucket) will give a warning on pages using them (basically that elements on the page are not provided over SSL).