As the browsers are more and more security aware, local URLs to internal websites with and without selfsinged certificates shows up a security warning that have to be accepted. Sometimes acces to this URL is completly denied.

And the other thing is user are made unsertain if they can trust that URL.

Here a own local CA comes right.

The following scripts are based on https://gist.github.com/Soarez/9688998
# and the comment from "MacCliF commented on 10 May 2020"

The create process consist of two steps

1. creating the CA, as it has to be done only once, I did not wrote a script, just follow the URL posted above

2. install the shell scripts from the zip file. I'am not a shell script guru, so excuse if they may be better, feel free to optimize. There a 3 of them

make_cert.sh creates new certs

renew_certs.sh to rewnew expired certs

make_pem.sh convert .crt to .pem format

Do't forget to make the executable

You have to edit the first 2, the are quit some places you have to chnage to be compatible with your enviorement.

After you have cretated the certificate you have to implement it to your site.

Now if you add the CA to the trustet CA's on your users workstations, pads, mobile phones etc. they will have nor warnings when acessing an internal site.

You should made the livetime of your CA to 10 years plus when creating.

I wish you much succes, for me this works fine