The problem with self-signed certs is that you're then given no assurance that you're not being MITMed. An attacker could be stripping the real SSL off a connection, re-encrypting it with a self-signed cert they've created, and then showing that to you. Real SSL certificates have trust chains, which aren't used in self-signed certs.
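What the missing trust chain means in practice, as an added example that is not part of the original text: two certificates claim the same name, and only the one issued by an anchor the client already trusts passes verification. The names `demo-ca` and `example.test` and the helper functions are constructed for illustration; the script assumes the `openssl` CLI is installed.

```shell
#!/bin/sh
# Added example. demo-ca and example.test are constructed names;
# all keys and certificates are throwaway files in a temp directory.
d=$(mktemp -d)

# gen_selfsigned NAME CN: a certificate signed with its own key.
gen_selfsigned() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$d/$1.key" -out "$d/$1.pem" 2>/dev/null
}

# gen_signed NAME CN: key + CSR, then a certificate issued by demo-ca.
gen_signed() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$d/$1.key" -out "$d/$1.csr" 2>/dev/null &&
  openssl x509 -req -in "$d/$1.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -out "$d/$1.pem" 2>/dev/null
}

# chain_ok NAME: succeeds only if the cert chains to the trusted anchor.
chain_ok() { openssl verify -CAfile "$d/ca.pem" "$d/$1.pem" >/dev/null 2>&1; }

# subject NAME: the name the certificate claims for itself.
subject() { openssl x509 -in "$d/$1.pem" -noout -subject; }

gen_selfsigned ca demo-ca               # anchor the client already trusts
gen_signed server example.test          # issued by that anchor
gen_selfsigned lookalike example.test   # same name, no issuer behind it

# Both certificates print the same subject; only the chain tells them apart.
for c in server lookalike; do
  if chain_ok "$c"; then r=accepted; else r=rejected; fi
  echo "$c: $(subject "$c") -> $r"
done
```

A client configured to accept self-signed certificates effectively skips the `chain_ok` step, so the two certificates are indistinguishable to it.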