* Disclaimer
A couple of years ago, Google introduced the concept of HTTPS Everywhere (https://www.youtube.com/watch?v=cBhZ6S0PFCY&utm_source=wmx_blog&utm_medium=referral&utm_campaign=tls_en_post).
Since Silverstripe is a CMS, it was potentially possible that it would have to be done through Silverstripe. My experience is that it is better not done through Silverstripe (using the forceSSL). Instead, I used this in my htaccess file:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]
I found this elsewhere while Googling. This together with my certificate seems to cover both www.example.com and example.com, as well as parked domains I have redirected. If anyone spots anything wrong, I'm happy for you to correct, but I thought the conversation was important enough to start, and I couldn't find any conversation like this in the forum.
*I am putting this here not because I think the answer is perfect, far from it, but because it might help someone else one day who is looking for something like this. I am also using SS 3.1.9.