If you only need a certificate for (www).domain.com, (not a certificate with multiple names as detailed in the story) then here are step-by-step instructions for getting a free certificate from StartSSL: https://github.com/ioerror/duraconf/blob/master/startssl/REA...

Do StartSSL issued free 1-domain certificates valid for all major desktop and mobile browsers? Can anyone confirm this? Most cert providers claim almost always 99% and above comptability but they dont claim any percent value on their website.

99 percent of what? Browsers ever made? Visitors to your site?

I read that Microsoft added the StartCom CA to Windows in 2009. So I would assume that people browsing the web with ancient, unpatched versions of IE will have problems. How big a deal that is probably depends on your site.

i'm assuming you're not joking. it's "browser recognition" and this value is generally 99.9% for paid providers.

that doesn't help if you still want folks who use IE on XP to connect to your site with SSL, since you can't rely on SNI in that instance.

The key part was the "1 ip address"

Multiple names in the certificate isn't the same as SNI. The server is still giving the same certificate to every client so SNI support isn't needed and XP clients will work.

i know, i saying that getting multiple single domain certificates won't fit the bill. That's why a UCC was needed