Comment by Mark on "HTTPS / Certificate options for offline app"

HTTPS certificates are signed by authorities that you have to trust, otherwise you get an error.

Browsers come with a number of trusted authorities, which is why most https websites work, and why self-signed certificates don't work.

Note that you still get encryption with self-signed certificates, but what you don't get is the validation that you're connecting the right part matching the public key.

So your options that I am aware of are:

Get an already trusted authority to sign your certificate. I believe letsencrypt only does that if they can verify that you own the IP, so it might be hard.
Have your own authrority and get all your internal users to trust it. I don't know how, but there must be some easy way to do this, as I believe it's what many companies do.
(Skip https or accept the warnings - not recommended).

(Someone correct me if you spot any mistake)

Search Hashnode