In the beginning the communication on the Internet was unencrypted. As more sensitive traffic came Secure Sockets Layer (SSL) was created. It makes sure that the connection between your computer and the server computer is encrypted. It also validates some of the settings like hostname of the server.

To set up such a secure communication there exists two alternatives. To buy a certificate issues by a public Certificate Authority (CA) that has its root certificate installed in the major browsers. This means the browser approves the CA, which in turn makes sure the certificate it issues is for a specific host. This costs is in between $50-$1,000+ per year.

For a small community it the alternative is a free certificate. As there is no real important information stored, just simple passwords and not bank credentials, a free certificate provides enough connection protection. The disadvantage is the warnings of a insecure CA. This is very serious warning if you visit a bank website or some site that saves important credentials. For a simple community site the danger is very limited.

I wish there were more visible different levels of SSL security certificates. That for simple sites that do all things right won't get the warning, but also not a super duper bank SSL lock. The alternative to the warning is that you decide to trust me and my tree.se CA. You do this by adding the CA certificate to your browser. After you have done this all secure sites I run will be accessible without the warning.

If you decide not to, you have to live with the warning, which is also OK. The certificate is not trying to trick you as the site is not trying to get money, hurt your dog or burn down your house.