Folks, I recently learned that SSL issuing places like GeoTrust, Verisign, etc can no longer issue "intranet" SSL certificates, like http://myintranet/ I've been doing this for my company for years (renewing them), and not really sure how to proceed - it seems we should create our own Cert Authorization and distribute a new, locally created cert to our enterprise.
Here's the problem - I need a step by step on how to do this:
1) Creating the cert on our own CA (could probably figure this one out)
2) Adding it to our server (without messing up the existing SSL - current cert expires in December)
3) Distributing the new cert to the enterprise. My biggest concern during this whole process is for our users not to get any cert warning errors, because that will flood the helpdesk...
Any tips, directions, advice? Thanks in advance!