Owning a web server that has its own SSL certificate from a registered Certificate Authority (so it won't trigger any browser warnings) does have its advantages. However, the price of a certificate issued by Verisign or a similar vendor usually tends to put a quick end to such fanciful ideas. Israeli vendor StartSSL offers free SSL server certificates that are valid for a year.
Since StartSSL's root certificates are already included in all the mainstream browsers, opening a certificate from the vendor doesn't trigger any error messages. This article gives examples of all the steps required to add StartSSL certification, from signing up with StartSSL to integrating the certificate into an Apache web server under Linux.

The only requirement for obtaining a certificate for a domain is that a user must be able to receive emails to an administrative account (postmaster, hostmaster or webmaster). There are no additional checks to verify whether the user actually owns the respective domain (incidentally, this is similar to other CAs such as RapidSSL). Furthermore, an issued certificate is only useful if it can subsequently be installed on a server. Those who own a "business card" type of home page with a web hosting service cannot, therefore, use such a certificate because they don't have access to the server configuration.

The procedure is similar for Apache under Windows and Internet Information Server (IIS) under Windows. With IIS, the required steps need to be executed on the Microsoft Management Console (MMC).

The link for this article located at H Security is no longer available.