SSL Certificates

Firefox 3's policy on self-signed SSL certificates is very annoying. I understand why they did it but sometimes all we really want is the encryption and a self-signed certificate is fine. I was asked if there was a work-a-round and the answer is no. You can always add an exception for the certificate but for average non-technical users, it is a lot of extra work. The best answer is to get a certificate issued by a Certificate Authority (CA) but if you only operate a small site, you cannot justify the cost.

Until now I knew of one free CA, cacert.org, but none of the browsers recognise them so it does help with this problem. I just visited their site and it looks like they are working hard to get themselves included in the mainstream browsers. While researching this problem I found startssl.com. They also provide free certificates and Firefox recognises them as a CA, so it looks like a good solution. Unfortunately, Internet Explorer does not, but it is lot easier to manually accept certificates in IE (or so I've been told, I haven't use IE in a long time). If remember correctly, it was easier in FF2 as well. Oh well, that's progress for you.