Mostly Verisign, which required faxing forms and eye-watering amounts of money. Then Thawte, which brought down prices to a more manageable US$500 per host or so. Which might seem excessive, but was really peanuts compared to the price of the 'SSL accelerator' SBus card that you also needed to serve more than, like, 2 concurrent HTTPS connections.

And you try telling young people that ACME is a walk in the park, and they won't believe you...

I was using StartCom StartSSL which was offering free 1 year certificates at least for my personal sites.

Self signed certs. I wasn't paying.

SSL/TLS via expensive and hard to work with providers and tooling. Let's Encrypt made it free and easy to maintain.

either you used http, self signed if you did not mind the warning, and i remember there being one company that did offer free certificates that validated, but cant remember the name of it

The pros were using client-side encryption :D