Please correct me where I'm wrong. I'm doing the following all on the same computer, running Windows 7.
I'm creating a self-signed cert and adding it to my trusted root authorities with MMC with certificate snap-in with this call:
This is how this CA cert is created:
makecert.exe -sr currentuser -ss ROOT -a sha1 -n "CN=MyCompany,O=MyCompany,OU=R&D" -sky signature -pe -r "MyCompanyCA.cer" -sv "MyCompanyCA.pvk"
Then I create a signed certificate with my self-signed CA cert (that should now be trusted on my machine) with this line:
makecert.exe -sr currentuser -ss MY -a sha1 -n "CN=localhost,O=MyCompany,OU=R&D" -sky exchange -pe -ir currentuser -iv "MyCompanyCA.pvk" -ic "MyCompanyCA.cer"
My application uses this (2nd) certificate to give me HTTPS in an embedded webserver from http://webserver.codeplex.com/
(the cert it uses is a pfx from the 2nd cert above.
Firefox gives me a warning telling me my certificate is not trusted (even though it's been signed with the self-signed CA cert that is sitting in my certificate store). What gives? I don't want to have to add the exception...