SSL certificates are one the prior requirements in the internet now and most probably in the next 5 to 10 years they will be made mandatory in most of the sites where they collect user data. This might also include sites which collects data with a simple contact form etc. I am pretty sure about this after seeing my inbox flooded with GDPR complaince being followed after the implementation.
Self-Signed certificates are free but when a user access your website, They will get a notification in the browser about it. It will affect the trust on your website. There are many providers who sell SSL certificates for cheap prices like RAPID SSL etc. But still when you have an option to get a SSL why do you want to miss.
So its never too late to add a SSL certificate for free. We are going to use let’s encrypt, A free SSL provider.
For a PHP based site we can use the script from https://github.com/imbrish/letsencrypt. The steps for installation is provided in the URL. The certificate provided by lets encrpyt is valid for 90 days, But It can be renewed for free any number of times.
For WordPress based websites you can use the plugin WP Encrypt.
Many hosting providers provide the one click install feature for lets encrypt too.