We are looking to do the decrypt/resign for outbound SSL traffic and want the easiest way of getting the clients to trust the resigned certificate. We do not have a PKI so that leaves us with getting a commercial certificate or using the Firepower b...