My aim is to provide encryption for UCP/admin GUI users (just in case), so I got my certificate from gogetssl.com ($7.75 for 2 yrs). My FreePBX is installed at GCP, see [How-to] Install Freepbx distro (with commercial modules) on Google (cloud) Compute Engine. GCP provides $300 for one year, so essentially your FreePBX is hosted for free the first year. I was able to manage my OpenVPN community edition on f1-micro machine (I do not have much traffic) https://cloud.google.com/free/
If you decide to give it a try I suggest using https://downloads.freepbxdistro.org/ISO/SNG7-FPBX-64bit-1805-2.iso to avoid error in installing the cloudendure agent. Then you can update the system through SSH. The modules can be updated through the admin GUI.