I never cared too much about my web presence and spikelab.org is the only domain I ever owned, so back then doing extensive researches to save a couple bucks didn't make much sense. Someone recommended Gandi to me and there I bought it. As for ssl certificates, CACert is what we all should use and push for, but right now we're far from a large adoption, and considering the associated fees (read bribes) required to be accepted in largely used browsers like IE it won't probably ever happen.
Otherwise there's always the good ole self-signed certificate option, which is just perfect if you are the only user or share with a bunch of ppl that know how to deal with a fingerprint. If none of that applies I'm afraid you're out of luck and you'll have to reach for your wallet. But things aren't that bad if you scrape the surface.

Mission objectives

Save some money on a bunch of additional domains I want to buy and find some place selling ssl certificates at decent prices. Possibly combine the two so I dont have to deal with multiple suppliers.

SSL certificates

The ssl certificate I need should match the following criteria:

1. Single Root Certificate
2. 128/256 bit encryption
3. 99% Browser Recognition
4. Online Validation

This is all you really need for your personal website and most likely it'd work fine for a small e-commerce website too. The 80% of what certs cost is essentially branding, so when your luser sees a Verisign logo or a green bar in IE he knows he's uber secure and no evil hacker can interfere with his business (because key-loggers do not exist!!). To be fair, responsible users would probably appreciate securer/more expensive certificates because of better checks on the company's identity before the cert is signed (online validation isn't really that good, but works fine for personal use).
Given the above, fat players like Twat^WThawte and Verisign aren't considered, and, nonetheless cheaper, companies like C-O-M-O-D-O, and Geotrust are still out of my budget. Things get a lot better with RapidSSL, but the real catch is with RapidSSL's resellers, where you can get the same certificates for half the price or even less. While that might sound fishy it makes sense if you consider the good deals they get as resellers and that further restrictions on rapidssl's brand usage are applied. But from our perspective it's all good. The other good news is that 99% of the resellers dont only deal with SSL certificates and generally also sell domains and web hosting, fulfilling the other two of our objectives.
Going through the requirements I've listed above, all certs offer encryption up to 256 bits and 99% browser recognition so they can be altogether ignored. The validation method instead differs from company to company, and for the basic package it generally involves email and/or a file with an unique code you have to drop in the root of the domain you're buying a cert for. Anything more complicated than that is too much hassle for my necessities. The single root certificate has been object of long debates and all I can conclude is that, at least from a theoretical point of view, they are better for the simple reason that the longer the chain the more rings you can try to break open. The other and more technical point against chained certificates is the possible headaches to get certain applications to work with them, if possible at all in some circumstances.

All registrars suck, but some suck less than others

I found tons of places selling domains for far less than what I pay now and they all come with much the same services: dns, web/mail forwarding and a couple more depending on the company. Some registrars have available a large variety of TLDs, other only stick to the few well known ones, but as far as registering a domain and pointing it to your host differences are really minimal.
The most noticeable difference, although not so rare, is a whois protection service, where the registrar puts its own data plus random bits linked to you in the whois record, thus protecting your identity but still guarantying you the ownership of the domain.
Money wise, excluding the big players, I got the impression that buying from US based companies is cheaper, sometimes even in the order of half of the price you get from European registrars like Gandi.
The big problem with most of the ones I've checked is the lack of an offer for ssl certificates, not quite sure why that's the case, business wise it'd make a lot of sense to me.
One important thing I cant really comment on is the administration panel, but I haven't found registrars offering demos so I have to live with it.

The losers

Just so you get an idea of what I've checked. In no particular order:

• COMODO: no domains, cert too expensive altho it's been positively mentioned to me by several ppl
• Geocerts: Geotrust's reseller, quite a good compromise quality-branding/price but still too expensive for me
• Enom: came up from a google search, nothing interesting
• All Secure Domain: good technical quality, but they dont sell certs and are too expensive.
• 4DReg: nothing interesting
• Gandi: no ssl certs, not cheap but not too expensive either, good customer support, nice management interface. Found a couple problems with their website in the past and they fixed 'em kinda quickly.
• RapidSSL: one of the cheapest yet quite popular CAs out there, unfortunately they dont sell domains and prices are too high.
• Godaddy: the closest to the winner, cheap domain and ssl certs. Two main problems: their webpage/interface gives me nausea and vertigo; their ssl cert is a chained one.
• Tucows/OpenSRS: seems to be oriented to resellers more than to individuals, and while it is possible to buy a single domain, ssl certificates seem only available if you resell domains.

The winner: namecheap.com

And they couldn't have picked up a better name. It's dead cheap, they sell both domains and ssl, their interface is mostly clean, no bloody flash banners, lots of explanations about what is what. If you need it they also provide a dynamic dns service, which is quite cool, no need to do get a homeip account and then point your domain to it, they can take care of the whole lot. And they offer a WhoisGuard service that comes free with domain registration, protecting your data in the whois record. I'm going to buy some domains there and give it a try, will post follow-ups as soon as I have fresh information.

Site: http://www.namecheap.com/
Domain pricing: http://www.namecheap.com/domain-pricing.asp?pricefor=register
SSL cert pricing: http://www.namecheap.com/learn/other-services/ssl-certificate-pricing.asp?pricefor=ssl