Re: I continue to be surprised
I have a pretty cheap hosting provider, and they still handle all the Let's Encrypt "gobbledegook" for me with a single click, and my certificates are automatically renewed. These days, you shouldn't need to know about any of that as a web designer/maintainer any more than you need to actually understand HTML (though of course it helps...). The hosting provider is at fault in the scenario you describe. As for the extended validation etc. certificates, which of course do require much more faffing (and cost), do you know of any normal person who actually cares what kind of certificate a site is using as long as it has "the little padlock thingy"? I view EV as just another way for CAs to get money for old rope.