Lets Encrypt is probably the best option. But if you can't use it like me (since I need a wildcard certificate), you should be getting 3-year certificates instead of 1 year ones. At least it'll cut down how often you have to update them.

Lets Encrypt and the dehydrated script here: https://github.com/lukas2511/dehydrated

Not affiliated - other than as a user of the script.

Let's Encrypt + certbot + crontab.

Letsencrypt is hacking this problem, every 90 days TLS certificates are renewed automatically.

Both, SSL buying and renewal process are same. So you have to follow the basic steps that you already know to enable SSL certificate on your website. Let's Encrypt has auto renewal process for domain validated certs but if you are looking for anything else like OV or EV, then you will have to go for other paid provider.

Certificates at AWS Route 53 are very easy to set up. so you have two candidates, letsencrypt and Route53.

Lets Encrypt?

Unfortunately, there is no auto process to renew an SSL Certificate as it requires valid verification of domain name or organization. So, the process of renewing an SSL Certificate is same as buying a new SSL. You can renew a Comodo SSL at cheap price here https://comodosslstore.com/

There is no such automated renews process for SSL Certificate. One your SSL certificate expires, you need to renew it again manually.

Again you have to generate CSR and Private key for your domain.

But, the best option to get rid of renewing SSL certificate each year is, Buy your SSL certificate multiple years (3 years), then you don't need to renew your SSL certificate for 3 years.

Note: In the case of EV SSL Certificate, the CA will allow to issue it for only 2 years.