How to config self signed certification in WAS for CLM?

Unless you get a certificate from a "recognized" authority, users will always receive browser warnings.   Browsers/rtc clients are complaining because WAS creates self-signed certificates when the profile is created ( and will update them as they expire ).  In order for clients to not warn about those self-signed certificates ALL clients must be configured to trust the (private) signer of that certificate.

To get CA signed certificates open the NodeDefaultKeyStore ( SSL certificate and key management > Key stores and certificates > NodeDefaultKeyStore ) Click on Personal Certificate Requests.  Click New, fill out the form and send the request file to CA.  Your CA will have (or should) instructions on how to get your certificate into the environment.

Another approach is to maintain your own CA (using openssl). There are plenty of tutorial on the net on this topic. Once _all_ the clients are configured to trust your own CA/signer, all certificates signed by this CA/signer will be accepted without complaints.