Creating your own certificate authority

A certificate authority is a virtual organization that signs each of your server keys, letting the client verify that the server keys are authentic and have not been tampered with.

Sites with many FH Web Edition servers can create their own certificate authority, and then sign each server’s certificate from this authority and install the certificate authority certificates onto each client. This prevents any warnings about untrusted authorities, without requiring the site to obtain a third-party certificate for each server.

There are many third-party applications and systems to assist in the creation and maintenance of a certificate authority that interoperates with the OpenSSL toolkit. These tools are able to generate signed server certificates for use with FH Web Edition without modification.

To establish the certificate authority, a CA key and self-signed certificate must be created. Once the CA certificate and key are created, import the CA certificate on the client device through the Internet Options dialog box. Finally, the server keys are signed using the CA certificate, which allows the client machines to recognize the authenticity of the signatures and allow connections to the server without warning the user about the trustworthiness of the CA.

Note: Nine files are created during this process: ca.key, ca.csr, ca.crt, ca.cfg, ca.serial, server.cfg, server.key, server.crt, and server.csr.
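
The procedure above, producing the nine files listed in the note, as an added example using the OpenSSL command line (it is not taken from the FH Web Edition documentation). The subject names, key sizes, lifetimes and the contents of ca.cfg and server.cfg are assumptions.

```shell
#!/bin/sh
# Added example: creates the nine files from the note above in a scratch directory.
# Subject names, key sizes, lifetimes and the .cfg contents are assumptions.

make_ca_and_server() (              # subshell body: cd and umask stay local
    set -e
    dir=$1 host=$2
    mkdir -p "$dir"; cd "$dir"
    umask 077                       # ca.key and server.key readable by owner only

    cat > ca.cfg <<EOF
[req]
prompt = no
distinguished_name = dn
[dn]
CN = Example Site CA
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
EOF
    cat > server.cfg <<EOF
[req]
prompt = no
distinguished_name = dn
[dn]
CN = $host
[v3_server]
basicConstraints = critical, CA:FALSE
extendedKeyUsage = serverAuth
subjectAltName = DNS:$host
EOF
    echo 01 > ca.serial             # next serial number the CA will issue

    # CA: key, request, self-signed certificate
    openssl genrsa -out ca.key 2048 2>/dev/null
    openssl req -new -key ca.key -config ca.cfg -out ca.csr
    openssl x509 -req -in ca.csr -signkey ca.key -days 3650 -sha256 \
        -extfile ca.cfg -extensions v3_ca -out ca.crt 2>/dev/null

    # Server: key, request, certificate signed with the CA key
    openssl genrsa -out server.key 2048 2>/dev/null
    openssl req -new -key server.key -config server.cfg -out server.csr
    openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAserial ca.serial \
        -days 365 -sha256 -extfile server.cfg -extensions v3_server -out server.crt 2>/dev/null
)

# Succeeds only if the certificate chains to the given CA certificate.
verify_server() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }
```

Call `make_ca_and_server ./pki fh.example.test` (a placeholder host name) and then `verify_server ./pki/ca.crt ./pki/server.crt`. Only ca.crt is distributed to clients; ca.key stays on the machine that signs certificates.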

 

Import the trusted server certificate on a dependent host

Verify certificate filenames and location