No need to re-invent the wheel so I'm just linking to Troy Hunt's article which walks you through the entire process.
1.) Make sure your site is atleast a basic website instance (free and shared don't work, shared really should)
2.) on StartSSL make sure you are using your main browser and that it's a desktop browser when you first sign-up, you need to be able to save the SSL cert the company installs on your browser for further authentication, failing to do so will probably lock you out of your account.