I can't get my head round it. For one site I run:

1) I have a Plesk server and every so often my browser will pop up with "cannot verify the identity of this site"
I contact my host when it happens and they do something called "self-signing".


2) My browser says "this site does not supply identity information" but I can see no way to change this.


3) I don't collect data but sales people keep telling me that having a thawte or verisign badge on my site will improve retention because people will trust the site more.

I don't understand any of it. Do I need to buy a certificate? If so, what type? Are all certificates about SSL? Then why does "cannot verify" popup on the non-https sections of my website? Why can't I supply identity information without buying an SSL certificate?

Please. If there is an actual non-techie non-expert non-jargon description of certificates and what you do and do not need and what does what out there, will someone please point me in the direction?

Been trawling the web on and off for weeks and all I know is the price of everything.

Thanks
Mike