Well I finally bought this:
https://www.namecheap.com/security/ssl-certificates/domain-validation.aspx
"Comodo PositiveSSL", it costs less than $10 / year. But it is not renewable so I have to go through the same procedure again every year.
It looks like I'm going to get a free certificate from startSSL again, after all. I found my way around their interface.
The Comodo certificate still sits in my namecheap control panel, and hasn't been activated, nor tied to a domain, so I can use it whenever I want. But I don't see the advantage of it.