Are you seriously not aware of Let's Encrypt? https://letsencrypt.org/

Nobody has really had to pay for certificates for quite a number of years.

What certificates get you, as both a website owner and user, is security against man-in-the-middle attacks, which would otherwise be quite trivial, and which would completely defeat the purpose of using encryption.