The comodo SSL certs via are very cheap. Install instructions for a Nginx based webstack:

Create signing request:

cd /etc/nginx/ssl
openssl req -nodes -newkey rsa:2048 -keyout -out

Copy paste the content of the csr on, choose webserver other.
Fill out the next page with info about your organisation.

You’ll receive a zip with a bunch of files. Copy the files to the webserver

scp * root@server:/etc/nginx/ssl/

Login on the server and go to /etc/nginx/ssl/
Now create the bundle_ssl.crt

cat example_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt >> ssl-bundle.crt

Add to conf (I already had SSL running with fake certifcates)

ssl_certificate         /etc/nginx/ssl/;
ssl_certificate_key     /etc/nginx/ssl/;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
keepalive_timeout    70;

More info: