Re: So how will this work?
Yes but we don't have the details of how it will work.
They say : "enabling HTTPS for your site will be as easy as installing a small piece of certificate management software on the server" .
If this means that a daemon runs on your server, generates private key + csr and send it to a CA, it is very likely that the "management software" will be exploited, sooner or later.
Let's assume it updates itself automatically - a "best practice" nowadays - it will be out of the control of the admin of the server.
You can argue this is already the case with many components on the client and server side, so maybe one more will not make a huge difference. But from the paranoid point of view you can't accept it as really secure solution.