1. Update internal links to pages on your site – all of them must start with https://
2. Make sure that all external links lead to the updated pages of your site with HTTPS.
3. Check all occurrences of the IMG/CSS/JS tags in your code – they must start with https://.
4. Make sure that you have specified 301 redirects. These are the redirects that are used when moving to HTTPS.
5. Make sure that you have protected the whole site, not just one of its elements (login page, order goods page, etc.).
6. Check the canonical links. All links with rel = canonical should lead to your new HTTPS pages.
7. Make sure that your CDN-provider supports HTTPS (today almost all CDN-providers have such support).
8. Set up HTTPS in Google Search Console. A site with HTTPS must be added as New Property in Search Console. Do not forget to reload the Disavow file.
9. Open the indexing of your HTTPS pages if it was closed earlier.
10. Send an updated sitemap.xml with HTTPS URLs to Search Console so that Google can better index your site.
11. Keep track of the traffic of your new site. Initially, the traffic will drop while the transition to HTTPS, but later it will normalize and enter new, higher positions.
Read more about the right way of migration from HTTP to HTTPS in this educational blog post.