I use my own certificates internally, of course. I just want to prevent eavesdropping, so it's good enough, and I'm sure the NSA doesn't have my keys.
The problem is, of course, browsers won't have you as a trusted root, therefore displaying a warning to the users. That's not acceptable for a public facing site. We have to trust someone here to give us a certificate.
The problem is, of course, browsers won't have you as a trusted root, therefore displaying a warning to the users. That's not acceptable for a public facing site. We have to trust someone here to give us a certificate.