You have a C rating at qualys. Please check out https://www.ssllabs.com/ssltest/analyze.html?d=piwik.org&hideResults=on
This looks totally insecure to me. Kick your hoster if he does not improve this.
Your certificate is valid 6 weeks from now. It would be a good idea to not only get a secure certificate but also a secure HTTPS implementation.
With Debian 8 stable, you'd easily get an A+ rating from qualys.
I strongly encourage to use the https-only strategy. User's won't even notice anything if it's done right.
Keep in mind that documentation can be security related (e.g. installation steps #8232) because MITM-compromised documentation will let users do insecure stuff.
I'd never give this proxy-service a private key...