How you install it varies. If you are in a hosted environment then your host may install the certificate for you. If you have access to IIS Manager you can install yourself.
Thanks, but its the 'install' part I am unsure about. Is it a file being installed in a specific location or registry changes with an encryption key added?
Sorry if that's an obvious question to the seasoned web developer, but its not something I have done before.
Also, how does nopCommerce then deliver pages via SSL (https:// rather than http://) - is that an internal function that has been developed in nopCommerce that is invoked when it sees the security certificate?
Check with you SSL certificate provider on how to get the certificate.
Yes you need to get it for a specific domain.
You'd need to check with your host on where and how to install the SSL certificate.
You most likely need to check with both.
nopCommerce automativally takes care of the rest after you enable SSL from admin (no need to know how it does that unless you having nothing else to do).