CAcert, at http://www.cacert.org/, is a Certifying Authority which issues SSL certificates. The important thing as opposed to Thawte, Verisign and the rest is that CAcert don’t charge you. At all.
How does that work then? Well, unlike the others, CAcert works on the “web of trust” model. CAcert users whose identity and reliability they are sure of can act as “assurers”, meaning they can vouch for others and increase the perceived reliability of those they vouch for.
Once someone’s reliability increases sufficiently by this mechanism, they too can become an assurer if they so wish. There is considerable incentive to be an assurer, because after a point that is the only way to get more functionality from their systems.
Anyway, I suggest you check it out if you want to use SSL properly without paying anyone.