I added an SSL Certificate from Lets Encrypt. If anyone notices, the website is now pointing to https instead of http. I have been wanting to add a trusted certificate but they aren't exactly easy to add and maintain on a domain.
Can you really go wrong with their getting started line of, "No validation emails, no complicated configuration editing, no expired certificates breaking your website. And of course, because Let’s Encrypt provides certificates for free, no need to arrange payment."?
Lets Encrypt appears to do exactly what I wanted. A free CA (certificate authority), that I can auto update with a CRON job. Does it get any better than that? Sort of. But since we don't run a payment system on here, I don't see a real need for an EV (Extended Validation Certificate) or anything that we need to verify company details. I like keeping this as simple as we can, and it appears that Lets Encrypt will do the job to keep the server secure for a user browsing our small business website.
And because we can run a CRON job to auto update the certificate, the website won't be staying on the same certificate for a year at a time. I like the idea of extra security, which this forces.