What's wrong with free SSL/TLS certificates? Answer: nothing

At the byte level, X.509 is X.509 and there is no reason why the free SSL certificates would be any better or worse than the non-free -- the price is not written in the certificate. Any certificate provider can fumble the certificate generation, regardless of whether he gets paid for it or not.

The hard part of a certificate is outside of it: it is in the associated procedures, i.e. everything that is in place to manage the certificates: how the key holder is authenticated by the CA, how revocation can be triggered and corresponding information propagated, what kind of legal guarantee is offered by the CA, its insurance levels, its continuity plans...

For the certificate buyer, the big value in a particular CA is where the CA succeeded in placing its root key (browsers, operating systems...). The vendors (Microsoft, Mozilla...) tend to require quite a lot of administrativia and legal stuff from the CA before accepting to include the CA root key in their products, and such things are not free. Therefore, a CA which could get its root key distributed but emits certificates for free has a suspicious business plan. This is why the free-cert dealers also offer paid certificates with some extra characteristics (certs which last longer, certs with wildcard names, extra authentication procedures...): at some point, the CA operators must have an incoming cash flow. But, ultimately, that's the CA's problem, not yours. If they are willing to give away certificates for free and Microsoft is OK with including their root key as a "trusted by default key" then there is no problem for you in using such certificates.

Edit: and now there is Let's Encrypt, which is a free CA that got accepted by major browsers. Their business plan is not suspicious -- in fact, they don't have a business plan at all. They operate as a non-profit entity and they live from donations. They found a nice niche: they got buy-in from major browser vendors who went on a crusade to kill the non-HTTPS Web, and needed a free certificate issuer to convince admins of small Web sites to switch; and now, no browser vendor may leave because it would make them look complacent with regard to security.

Copied from: https://security.stackexchange.com/questions/18919/are-there-technical-disadvantages-in-using-free-ssl-certificates

posted @ 2023-08-15 16:31 svolcano