Option 3: Letsencrypt
When the who’s who of the internet sponsor’s you, you deserve a mention. I would not have known about them had my hosting support not pointed me in their direction.
If you are having your website hosted and are in good control of the virtual/ physical machine hosting your site files i.e. have shell access to your web host, Letsencrypt is a good choice. To get a certificate issued to you, they use something called Certbot client.
For those without shell access they recommend that your host (if you are lucky and they are in this list) can ask a certificate on your behalf. In the worst case they recommend uploading Custom Certificates installed on your computer and uploaded to your hosting provider?—?but this option is not for everyone.
A feature I am looking forward to is Wildcard certificates. This will be rolling out by end of Feb 2018. What this means is you can add the https across all sub-domains of your website using wildcard like *..com. If you host using DigitalOcean, do give this Tutorial a read?—?step 3 covers how you can use an automated job to auto-renew the certificate issued by Certbot which expires at the end of every 90 days.
Encrypted World (Image Source: Pixabay)
There are few sites like gethttpsforfree.com, trusted CAs like Comodo and third parties like Instantssl who issue a time-bound free certificate. Employing these will either mean you will have to face the hassle of certificate installation, renewal yourself or pay for a longer certificate at a later point. So I am not covering these in much detail in this post. However feel free to share your experiences with them in the comments section.