SSL Admin Logon questions

I decided to enable SSL admin and logon by adding define(‘FORCE_SSL_ADMIN’, true); to my wp-config.php.

I of course also added a self signed SSL certificate to my domain and enabled ssl in my nginx config file (I’m running a lemp stack).

This works, but the problem is that this also serves the entire domain as either http or https. Meaning that while this lets me go to http://mydomain.com and https://mydomain.com/wp-admin, I can also go to https://mydomain.com.

I don’t really care except for a) https breaks my cdn so on that version none of the graphics/css load, and b) I don’t want to be penalized in Google for duplicate content. I set this up last night and overnight google had found the https version of the sitemap and started indexing it.

I hashed out SSL in the config file this morning to prevent it from impacting my search results as I’ve heard that google will tend to prefer the https version of a page over the http version?

Should I be looking for a way to write the redirect so that only mydomain.com/wp-admin is served via ssl? Or maybe it’s not anything to worry about and Google is now smart enough to figure this all out? I checked mashable and basically saw the same exact behavior when I went to https://mashable.com, so maybe this isn’t anything at all to worry about.

I’d definitely appreciate any input. Thanks.