If you wish to accept HTTPS requests, you'll need to configure an additional listener. It will look something like the following:
ExampleHTTPSListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
Certificates:
- CertificateArn:
arn:aws:acm:ap-southeast-2:123456789012:
certificate/12345678-1234-1234-1234-123456789012
LoadBalancerArn:
Ref: ExampleLoadBalancer
DefaultActions:
- Type: forward
TargetGroupArn:
Ref: ExampleTargetGroup
Port: 443
Protocol: HTTPS
The listener will need to reference a valid Amazon Resource Name (ARN) for the certificate you wish to use. It's really easy to have AWS Certificate Manager create a certificate for you, but it does require validation of the domain name you're generating the certificate for. You can, of course, bring your own certificate if you wish. You'll need to import it in to AWS Certificate Manager before you can use it with your ELB (or CloudFront distribution).
Unless you have specific requirements around ciphers, a good starting approach is to not define an SSL Policy and let AWS choose what is currently best of breed.