Make a key for your CA, make an SSL key for your sever, sign the key with your CA and add the CA to your in-house browser/list of trusted CAs.
This is the hard part. Unless it's company hardware there is absolutely no way I am installing a new root cert on my machine.
This is the hard part. Unless it's company hardware there is absolutely no way I am installing a new root cert on my machine.