More and more sites are moving towards HTTPS in the past months. Google claimed it can be used as an SEO ranking signal and privacy organizations advice it so you give your visitors more privacy.
Google Analytics works fine on both HTTP and HTTPS sites. In the basic tracking script you see this line:
It's a protocol independent URL that will fetch the analytics.js file from HTTP or HTTPS based on the site's protocol where the script is loaded. But Google Analytics offers an extra option to do the tracking in HTTPS also. Take your basic tracking code and add the forceSSL line:
ga('set', 'anonymizeIp', true);
ga('set', 'forceSSL', true);
(I also add the anonymizeIp line by default to give my visitors just a little bit more privacy).
Google recently launched a new function called "Exclude all hits from known bots and spiders". You can find, and turn it on, in your "view settings":