Hi Aamir,
Yes, that is correct. Because what happens is that all modern browsers today throw errors when you are in an SSL url, and then try to access a link to a url that is non-SSL - its called mixed content and most browsers block it. So for this reason we advise that if you are going to set up SSL, that you do it on all applications within the enviornment that interact, integrate, or are accessed from Service Desk - or any app hitting Service Desk.
As for Advanced Availability - No you cannot just do the background server - you need to do ALL servers in the environment.
SSL is really an all-or-none thing these days. If you do this in a mixed manner some SSL and some non-SSL you will face problems and struggle with it - and will end up implementing SSL all around anyway in the end to resolve the issues.
Jon