As mwb says, code cert != SSL cert. And self-signed certs aren't very good for SSL sessions, unless you have pretty specific purpose. It's a good thing that there aren't any free code signing certs, and that you can't self-sign... Yes it's a damn bother, and yes it should be a lot cheaper, but it helps in the fight against nasty malware.