With increasing need for adding a security layer for your website visitors for secure transmission of their data, SSL certificate is a must recommended practice for every website owner who is serious about his business website.
Additionally coming to SEO, having an SSL certificate helps you boost your search engine ranking since Google also considers those websites as good who serve their visitors with "https" domains instead of "http".
But if you go to market for buying an SSL certificate, you would find that you need to shell out somewhere between $40 to $50 USD per year to buy an Industry Standard Quality SSL certificates like Comodo SSL. This may seem reasonable to businesses but if you are an Individual running a blog or a beginning startup, you would think twice before spending that amount without even having any surety if the website would make any revenue in future.
In this case, you may want to try out Free SSL services which are equally good.
I personally used this service and found to be good. It generates SSL certificates via Let's Encrypt which is itself a non-profit certificate authority run by Internet Security Research Group since 2014.
Using this service you have to initially verify ownership of website using either ftp or file or by using DNS based verification.
On verifying your website you can give your CSR file if you want to use your own CSR. Once you generate the certificate, it will generate Private Key, Certificate and CA Bundle. If you have used own CSR it will leave the private key blank and you may use own private key which you received while generating the CSR.
Once you get the certificates you can use those to install on your webserver to enable https for your website.
Alternatively, if you are interested in Paid SSL Certificates, you can checkout offerings on Positive SSL or Comodo SSL from Cloud 123MyList.
The primary advantage of going for Paid SSL certificates over Free SSL certificates is the Liability Protection offered by paid certificate providers. This means, in the event of any data breach, you are insured up to the amount covered in the warranty provided by the certificate provider.
Additionally with Paid SSL, you get it for the whole 1 year or more based on your registration duration, however free certificates would keep expiring every 90 days and you would be required to renew them every quarter. Paid service providers would also offer you wildcard protection, which means you can use them for whole domain and subdomains associated with the website.