About ssl certificate info on tomcat

hi
i went thru tomcat how to docuement on enabling ssl on port 8443. i created the certificate and it generate a keystore in my home directory. everything worked fine except when i access my port https://localhost:8443 it displays the page and when i click on View certificate it gives some info as This CA root certificate is not trusted and it ask to install the certificate in Trusted Root Certification Authorities store.
Any idea why is it so and how to overcome this issue
thanks
Rashid

Self-signed certificates (like the one you created) are not fully trusted by browsers because the issuing authority (you) is unknown. Either use a certificate issued by a known authority (Thawte, Verisign, etc.), or import your certificate into the browser. Under Firefox you can do this in the options under Advanced -> Security -> Web Sites -> Import.

Thanks Ulf,
basically i am tryig to create a website which has sensitive information. So the conclusion is i have to get a certificate from a known certificate authority like verisign or some other issuing agency. Self made certificates will always be untrusted as in my case. Please let me know if what i understood is correct.
Thansk
Rashid

Unless you can get your users to import your certificate into their browser, yes, that's correct.

Thanks