free encryption certificates and encrypting elgg sites

i have read some of the threads here where questions have been raised about the wisest approach for using encryption and certificates with elgg. the conclusion is that encryption is necessary for logins as a minimum. 

since, like domain names, the 'trust' industry has already been hijacked by ones i don't trust; who offer to sell certificates of trust and the browsers offer alerts that your site is not 'trusted' if you use a 'self generated' certificate.. does anyone here have any ideas i may not be aware of, of how to run a free certificate without triggering the browser 'UNSAFE SITE' warnings?

i know there are one or two groups that claim to offer free certificates.. without naming names, i attempted to begin setting up a certificate with them and one group only offered the service if you are within the usa border and the other (who i spoked to by phone) seemed highly untrustworthy themselves!

i really don't see how paying a group that you have never met to issue you with their brand of certificate is any type of guarantee of security at all. with this system in place, sites that attempt to activate encryption for free, even with encryption certificates that are of greater ability than the 'paid for' ones, will be identified as being 'threats'.. when in reality they are safer.. i am wondering if this is actually part of the plot to de-rail encryption algorithms and thus to prevent real encryption being used, while earning large amounts of cash.