Why not get a certificate?

Not too long ago, the internet was an expensive place. Hosting, DDoS, and, boy, SSL could burn a big hole in Jeff Bezos’ pockets. But in 2016, some companies and organizations decided to lower that cost by removing the hassle and price of getting a Certificate, trusted by almost every OS and browser. And here we are today. Easy? yes. Cheap? Absolutely. and now there are over 200 million websites to prove that it was a huge success. So today, you are either lazy or very incompetent to not get a certificate.


I agree with you entirely, but perhaps "uninformed" would be better than "incompetent" ?


I think a lot of it has to do with people doing this for their first time and not having a clue as to what to do. That and impatience, especially if they have to wait for DNS to propagate. When they check their website immediately and see no padlock they panic and start making changes, messing things up. Then they ask for help. Some people are only finding out for the first time that their clients are also deprecated - sometimes by a lot. In those situations, getting a cert involves actually reading the guides/docs thoroughly instead of reading through them as they're performing each step. So yes, I'd have to agree many are "uninformed."