I thought you might find this interesting. There was a recent slashdot article (http://it.slashdot.org/article.pl?sid=08/06/24/2345223) in which self-signed certificates were discussed, and I think it might be worth a perusal of the comments before you keep purchasing certificates. This comment was particularly interesting:

"SSL certificates provide one thing, and one thing only: Encryption between the two ends using the certificate.

They do not, and never been able to, provide any verification of who is on either end. This is because literally one second after they are issued, regardless of the level of effort that goes into validating who is doing the buying, someone else can be in control of the certificate, legitimately or otherwise.

Now, I understand perfectly well that Verisign and its brethren have made a huge industry out of scamming consumers into thinking that identification is indeed something that a certificate provides; but that is marketing illusion and nothing more. Hokum and hand-waving. "

I know I'd accept a self-signed certificate, because if it asks me to add an exception again I know your cert has changed, which means I might not be able to trust who's on the other end. At least then I can view the original certificate instead of having my browser automatically accept it.