Depending on how many people you expect to be using your web site, it may be
more cost-effective to go through a third party to get a web server
certificate. If your expected audience is small, you may want to publish
that public key on a different web site or publish it on the SSL web site
itself and instruct users to ignore the IE message the first time and
install the certificate. When it comes to security, the certificate is
merely a wrapper for the public key which is useless for any malicious
intent without the private key so any means of delivery is appropriate.
--Shawn
This posting is provided "AS IS" with no warranties and confers no rights.
