For SSRS, if you're using SSRS integrated mode, no changes are needed for the service itself. However you may need to repoint your RDLs to their new URL for the RSDS, if you're using them.
SharePoint:
- Acquire your SSL certificate covering the FQDN of your Web Application(s).
- Import the PFX into the Local Computer\Personal store on all SharePoint servers.
- Create a Web Application, if not already created, using port 443 and selecting SSL. Enter an FQDN (URL) covered by your SSL cert.
- Once created, using IIS Manager, bind the cert to the IIS site created for the Web Application.
If the Web Application already exists, you will instead need to update the Alternate Access Mappings with an HTTPS URL and bind your SSL cert to the IIS site. You can drop your HTTP URL. Removing the HTTP URL may break hardcoded paths (i.e. if someone hardcoded an image URL on a SharePoint page.
For WFM, during the setup, it will ask for certificates. You'll be populating those items as you move through the setup process. More info is at Install and configure workflow for SharePoint Server.