We can create our own Certificate Authority and issue a certificate to our server. But the browsers doesn't recognize it as a trusted one. Yes we can configure our browsers to trust our certificate. But how can we make our certificate as a universally trusted one like VeriSign or other trusted certificates?
The only way is to obtain a trusted certificate from a Certificate Authority (CA) due to the necessity of a Trust Chain.
There are several free sources like:
Also, starting Fall 2015 there will be a free service to obtain trusted certs from Let's Encrypt.
Let’s Encrypt is a free, automated, and open certificate authority brought to you by the Internet Security Research Group (ISRG), including the Electronic Frontier Foundation, Mozilla, Cisco, and Akamai.