Welcome to the world of Apache! The first lesson is to learn how to read the excellent documentation. In the Apache documentation, every directive has a context section that indicates where in the server's configuration files the directive is legal. It can be found right below the Syntax: and Default: lines.
server config: This means that the directive may be used in the server configuration files (e.g., httpd.conf), but not within any <VirtualHost> or <Directory> containers. It is not allowed in .htaccess files at all.
virtual host: This context means that the directive may appear inside <VirtualHost> containers in the server configuration files.
directory: A directive marked as being valid in this context may be used inside <Directory>, <Location>, <Files>, <If>, and <Proxy> containers in the server configuration files, subject to the restrictions outlined in Configuration Sections.
.htaccess: If a directive is valid in this context, it means that it can appear inside per-directory .htaccess files. It may not be processed, though depending upon the overrides currently active.
With SSLEngine, SSLCertificateFile, SSLCertificateKeyFile the contexts are server config & virtual host. This means you could specify them for the whole server and also override this default configuration per <VirtualHost>.
The SSLRequireSSL directive, on the other hand, is legal in directory & .htaccess contexts. This means you can, by placing this in a directory, specify that non-TLS connections shouldn't be allowed even if there exists an HTTP-only virtual host that would otherwise serve this directory.
However, in this day and age you should protect everything with TLS, making SSLRequireSSL needless. Redirect all HTTP to HTTPS & enforce it with an HTTP Strict Transport Security (HSTS) policy (RFC 6797).
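An added example, not part of the original answer, showing each directive in a context where it is legal, together with the HTTP-to-HTTPS redirect and the HSTS header. The host name example.com, the file and directory paths, and the max-age value are placeholders; mod_ssl, mod_alias and mod_headers are assumed to be loaded.

```apache
# Plain-HTTP virtual host: serves no content of its own, only redirects.
<VirtualHost *:80>
    ServerName example.com
    # Redirect (mod_alias) is legal in virtual host context.
    Redirect permanent / https://example.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName example.com
    DocumentRoot /var/www/example

    # Context: server config, virtual host.
    # Set here, these apply to this virtual host only.
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/example.com.pem
    SSLCertificateKeyFile /etc/ssl/private/example.com.key

    # HSTS (RFC 6797). The header belongs only in the TLS virtual host:
    # browsers ignore it over plain HTTP and the RFC forbids sending it there.
    # max-age is in seconds; one year is a placeholder value.
    Header always set Strict-Transport-Security "max-age=31536000"

    # Context: directory, .htaccess.
    # Redundant in this layout, because the port 80 virtual host never
    # serves this tree; shown only to illustrate the directory context.
    <Directory /var/www/example/private>
        SSLRequireSSL
    </Directory>
</VirtualHost>
```

Placing SSLEngine or the certificate directives inside the <Directory> block, or SSLRequireSSL directly in the <VirtualHost>, makes the configuration check (apachectl configtest) fail with a "not allowed here" error, which is the context rule being enforced.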