To resolve this issue, an organization that hosts the secure Web site can purchase a certificate for each Web server from a third-party provider. Or, the organization can install a Microsoft Enterprise certification authority in the Active Directory forest. Then, the organization can use this certification authority to generate a certificate for each Web server.
Note Users of client computers that do not belong to the organization's Active Directory forest can visit the certification authority Web site to download the certificate.
[
Answer Reference[
^]]
Hope it helps.
--Amit