As of the year 2018, there is no longer any real reason to pay for SSL certs.
Just a couple years ago, StartCom was the certificate authority to go to to get free SSL certs. Certs would only last a year or two, of course, as they still do. Unfortunately, this means you would have to mark your calendar for some date 2 years in the future to remind yourself to renew your certs, which is always a pain. A big part of the reason why basically every website known to man experiences SSL errors every couple year is that it's very difficult to mark your calendar for a date 2 or more years in the future and not lose the event one way or another.
As of last year, StartCom has been distrusted by browsers. Let's Encrypt has emerged to fill the void of providing free SSL certs. Let's Encrypt has a far more automated process was used to be with StartCom and other CAs for obtaining SSL certificates. There is an open-source Python utility called "certbot" that virtually automates the entire process.
This post is not a tutorial on how to use certbot - just recognition that it exists and does a key job. Nonetheless, we will mention a couple certbot commands. First of all, certbot has the ability to integrate with a variety of web servers that you may be using. If you're running an Apache site, provisioning an SSL cert may be as simple as running "certbot --apache".
No matter how you provision your certs, the "certbot renew" command will renew them. If you set that on a daily cron job, and configure certbot with an appropriate emergency contact email, you should be able to set it and forget it, and have an SSL setup that "just works" basically forever, emailing you should there ever be a problem.
Aoeu2code and all of our clients will be using this method from now on. No more paying for SSL certs, and especially no more marking your calendar to remind yourself to renew them!