Purchasing an server certificate is the most easiest way to enable SSL-encrypted requests for the own web- or mailserver. In larger organizations, one might want to use his own certificate authority as many certificates are required and thus individual needs can better be fulfilled. On the other hand, this brings new problems as webbrowsers display warnings for unknown certificate authorities. Each enduser needs to install the certficate authorities root certificate to overcome this. I wrote a Firefox extension some years ago to enhance this: as it is possible to install extensions globally, this can simply be used in larger multiuser environments. Distributing individual root certificates for Firefox weiterlesen