First strip the certificate from all its text to keep only the -CERTIFICATE- section
openssl x509 -in cacert.pem -out cacert.crt |
Place this file on your web site as http://mysite.com/ssl/cacert.crt. Your web server has a mime entry for .crt files. Your certificate is ready to be downloaded by browser and saved on to their hard drive.
FIXME
FIXME
With your browser, point to the address of the certificate and save the file on your disk. Double click on the file and the Certificate Installation wizard will start. Because the certificate is self signed, Internet explorer will automatically install it in the Trusted root Certificate Authority list. From now own Internet Explorer won't complain and any Certificate signed with this root CA Certificate will be trusted too.