This site doesn't sell anything. Any deal is a P2P stuff. People can identify your public address or message by your bitcoin or PGP signature already. It is suggested that communication of the two parties of a deal shall be signed by their private key or encrypted by the other's public key. Even hackers know your password for this site (remember the web owner knows your password for this site already), they can't fake your deal message for your deal. In this sense, you can use the typical 80 port http to talk with this site.
You shall have no credential information here in this site. It is already free to use the SandBox or BtcDealMessage for your communication purpose so you don't need to be a member at all. In this case, a typical 80 port http is enough for you.
There are only two situations you might want to protect from sniffers by encrypting the traffic between you and the site:
For reason 1, you can access the site by tor as well: http://wizlacx2yvj4zu263yupdoe57u7pwclfcy66cmoiu75mauvht2qyzzid.onion . In fact, to enjoy the SiteFeature, you need to be a member and then you are required through this route. There is no much reason to purchase an official site certificate annually.
For reason 2, the web owner can see your private pages already so you sure you really want to park some private credentials here? Don't do this, this site may be hacked too and the web owner doesn't promise any loss if you do this. Here in this site, the purpose of a page being private is used for "under construction" mostly.