So, I'm supposed to trust someone I've never heard of, and just take their word for it?

The fact that the site allows one to enter credit card details over plain HTTP would be my first clue not to trust this cert.