http://www.cacert.org/

Dont quite know how reconised the certificates are though.

Think some dedicated server providers do free SSL certs with packages. But they have to remain with that server.

This cacert gives me a free certificate after the successful test or what?

Dunno.

I would try and check to see what percentage of browsers will see the certificate as a valid one. Otherwise your back to square one.

Edit : Found this on the site

(*) Please note a general limitation is that, unlike long-time players like Verisign, CAcert's root certificate is not included by default in mainstream browsers, email clients, etc. This means people to whom you send encrypted email, or users who visit your SSL-enabled web server, will first have to import CAcert's root certificate, or they will have to agree to pop-up security warnings (which may look a little scary to non-techy users).

Which would be the same for your self signed certificates.

Though by spreading CAcerts instead of your self signed ones you are helping the spread of the CAcert Root certificate

This post was last modified: 04-03-2008 06:49 AM by rsmithgs.

I know have a certificate from StartSSL but I don't know how to implement it to my server because I only have a *.crt , a *.csr and a *.key file but no *.pem .
How can I use this now?
Thanks.

I think you can copy your *.crt and rename the copy *.pem

But StartSSL is not trusted as well as far as I see.

That does look like the case.

If you do not want the certificate errors to appear in the web browser and are looking to get a certificate for free you will need to get the clients to install your certificate on the PC they are using. TO get a reconised certificate you will need to pay money.

error by certificate generation

if i use:

i get this error in last step openssl ca: