Hi! I'm Benjamin Kay, and I use a self-signed CA to sign my SSL certificates. The advantage for me is that I don't have to pay hundreds of dollars for certificates signed by an "official" CA. This disadvantage for you is that you keep getting those annoying "The Connection is Untrusted" and "The server failed the authenticity check" warnings. But despair not! By installing my self-signed CA in your web browser, e-mail client, or whatever you're using to access my network, you can abolish those pesky warnings once and for all.
| File | Format | Mime Type |
| ca.crt | DER | application/x-x509-ca-cert |
| ca.pem | PEM | application/x-pem-file |
Firefox users can simply click on ca.crt and then check the box titled "Trust this CA to identify web sites."
SSL/TLS is a mechanism to establish secure and reasonably anonymous connections over the Internet. It is, for example, how you supply your credit card number to an online store without worrying about a hacker stealing it. Don't believe me? Look it up on Wikipedia.
Security
SSL encrypts communications between your web browser and the servers at benkay.net. So when you supply your password to login to a service here, you don't have to worry about someone stealing it.
Anonymity
SSL encrypts the request URI (the /ssl-ca.xhtml in https://www.benkay.net/ssl-ca.xhtml) too. So if someone is listening in on your Internet connection, she can tell you've been to benkay.net, but she can't tell if you went to https://www.benkay.net/The-PRC-Is-Awesome.php or https://www.benkay.net/Tiananmen-Square.php.
To use SSL, all you have to do is (ideally install my CA as per above, and then) put https:// into your address bar in place of http://. Sometimes I'll do this automatically for you, e.g. at a login page where you must enter a password.