There’s a new SSL/TLS certificate provider in town, and I think you should go check them out.
Let’s Encrypt is a group run by the Internet Security Research Group (ISRG) and funded by the biggest names in tech. Mozilla, Chrome, Cisco are all on board to name a few. Let’s Encrypt is a fully automated Certificate Authority (CA) that can help server admins and owners secure their client’s communications. It uses the ACMEv1 and ACMEv2 protocol to achieve certificate creation, retrieval, and management. In addition to the ACME based certificate process, they’ve partnered with the Electronic Frontier Foundation (EFF) to create a CertBot. CertBot can automatically retrieve (and install if you wish) you certificates, and keep them updated on schedule. No more manual cert upgrades!! In addition to all these great features, Let’s Encrypt’s root certificates are already in a ton of OS and software distributions.
I’ve swapped all but one of my certs to Let’s Encrypt, and for the better I think.