It used to be the case that to obtain even a simple SSL certificate for your website you needed to pay - but that's no longer the case thanks to 'Let's Encrypt'.
Let's Encrypt provide free SSL certificates with 2048 Bit Keys and 256 Bit SSL - strong encryption for your everyday needs. You'll still have to pay if you want a certificate with corporate verification (The type that let you show the company name in the SSL section of the browser address bar), however for most people that's overkill. The only real difference between a certificate from Let's Encrypt and a regular paid certificate is that you'll need to renew the certificate more often (usually every 3 months) however this can be managed by setting up a simple cron job to keep things up to date.
Let's Encrypt is a free and open certificate authority that is sponsored by many large and well known brands (inluding Mozilla, Cisco, Google Chrome and many more). This kind of backing has meant the platform has flourished and has proven to be a fantastic and valuable resource.
Setting the certificate up takes a little more work than usual and you'll likely need access to your server via SSH - but there is a simple client called Certbot (Developed by the EFF) that makes this a breeze, with detailed walkthroughs on most Web Server and OS platform combinations. This combination of tools was used to provide the SSL certificate for this site - Click on the padlock in the address bar to find more information out about the certificate if you're curious.
Let's Encrypt will soon begin to offer wildcard SSL certificates as well as traditional ones:
Let's Encrypt will offer wildcard certificates starting in 2018! Learn more and donate to support our work: https://t.co/prEvraIk8J
— Let's Encrypt (@letsencrypt) July 6, 2017