I have looked into getting a SSL certificate for my site in the past but I always ended up deciding it cost to much. Why should I pay hundreds of dollars for a simple certificate that is used for encrypting data? I am not interested in a super-duper publisher certificate that certificates who I am. I just want to encrypt my http traffic so I can use forms login, transfer "sensitive" data like logs etc. The developer in me always said “make one yourself“; install and configure a Certificate Authority on a PC and use it to issue certificates. I never did, and was very happy when I found StartCom last year.
The online wizard is simple to follow and allows to generate a certificate for your web server and protect your site with https in minutes.
The StartCom Certification Authority has undergone a third party audit so the StartCom CA should be supported by most browsers and mail clients in the future. At the moment the users have to either import the StartCom CA certificate into the client or accept to browse the site with an "unknown" certificate. That is not a problem for me as I have imported the CA on my PCs and my friends will have to accept the unknown CA until StartCom is supported by everyone.
Quick, painless and highly recommended.
Update: corrected links
Feel free to drop a few cents in the
tip jar if this post saved you time and money