Artigo muito bom sobre o assunto: http://www.vanemery.com/Linux/Apache/apache-SSL.html
Veja o artigo https://sites.google.com/site/ubuntu4us/artigos/ferramentas-de-sistema/certfication-autority-ca
No windows acesse o Group Policy Object Editor (ver link: http://technet.microsoft.com/en-us/library/cc736591(v=ws.10).aspx )
execute o aplicativo a seguir para alterar somente no máquina local: gpedit.msc
Autorize o novo CA seguindo as instruções (ver link: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/sag_pkpprocsadddomroot.mspx?mfr=true)
To add a trusted root certification authority to a Group Policy object
1. Log on to a domain for which you have administrative privileges to manage the Group Policy object that you want to change.
2. Open the Group Policy object that you want to edit.
3. In the console tree, click Trusted Root Certification Authorities.
Where? Policy Object Name > Computer Configuration > Windows Settings > Security Settings > Public Key Policies > Trusted Root Certification Authorities
4. On the Action menu, point to All Tasks, and then click Import. This starts the Certificate Import Wizard, which guides you through the process of importing a root certificate and installing it as a trusted root certification authority (CA) for this Group Policy object.
• To open a Group Policy object, see Related Topics.
• To use this procedure, you must have administrative privileges for the Group Policy object.
• This procedure does not apply to Local Policy objects.
• You can import a trusted root certificate from a PKCS #12 file (.pfx, .p12), a PKCS #7 file (.spc, .p7b), a certificate file (.cer, .crt), or a Microsoft serialized certificate store file (.sst).
sudo openssl x509 -in /etc/ssl/certs/cloud.edifast.com.br.pem -inform PEM -out /etc/ssl/certs/cloud.edifast.com.br.der -outform DER
sudo ln -s /etc/ssl/certs/cloud.edifast.com.br.der /var/www/cloud.edifast.com.br.der
sudo openssl x509 -in /etc/ssl/certs/cacert.pem -inform PEM -out /etc/ssl/certs/cacert.der -outform DER
sudo ln -s /etc/ssl/certs/cacert.der /var/www/cacert.der