Hypothetically, SSL will not keep the NSA from telling what websites you visit. They would be able to tell the domain that you are sending/receiving traffic from, but not the actual data protected by SSL.
A VPN would likely protect you from prying eyes, but it costs money and you run the risk of the VPN service spying on you or opening its doors to a government agency.
The Tor network is also an option, but speed tends to be a factor, and the entry and exit nodes can be monitored.
The only sure way to be sure you aren't being monitored on the Internet is to not use the internet.