Connection not secure - Certificate needed

Question

Please forgive me for what may seem like a simple question, but I can't get my head around certificates! 
 We have two Email Appliances that are clustered, and only accessible from the internal network. As such they both have separate internal IP addresses and hostnames on the internal domain. 
 When they were setup we self certified via the appliances themselves, and have always put up with the "Connection Not Secure" message in the browser when we access the Appliances. 
 However as part of an organisation wide policy we want to ensure there are no errors when accessing https sites such as the email appliance. 
 
 Is it possible for us to get rid of the error? Can we certify via a CA for a hostname/IP that is only accessible internally? 
 
 Thanks for any help anyone can provide.

Red_Warrior · Answer

Hi Martin, 
 
 Just did up this one https://community.sophos.com/products/email-appliance/f/email-appliance-hardware-or-virtual/104368/certificate-signing-requests 
 the reason your getting the insecure message is because under certificates the radio button for the UI is selected on the default self signed cert (self signed is technically invalid but can still encrypt traffic) 
 
 You have 2 options: 
 #1 just save and convert the cert.. then push it out via gpo 
 #2 upgrade the certs to ca signed just follow the above link and select it for all 4 radio buttons. 
 
 again if you wish to use a ca cert.. a 5$ signed cert will do fine.