Just a quick reminder to link all your assets with https:// when they are under SSL. Since libraries such as jQuery are hosted by third parties such as Google, it's easy to forget to use https. When a user accesses a page under https and some assets are not accessed securely, the user will see a dreaded message warning that the page has some unsecured assets.
In Rails I use the request protocol which returns http: or https://
I have updated my Webmaster Launch Checklist to include this item.