itsme33 wrote:thank you, perfect answer, that covered most of my concerns, so if i remove the old CSR as it is -as you said- not used at all, then where is the new one that i have to send to digisign...etc? i can't see other one that has my phrase that i put when created the certificate using the makecert.bat
As I said, makecert.bat deletes it after it has created the server certificate. If you want to keep it, just comment out the line in makecert.bat so it looks like:
rem del server.csr
itsme33 wrote:one last Q please, is there anyway for me to make this localhost internal office server appear green in the title bar, or https without X sign on it, or IE recognize it as safe/verified WITHOUT sending the certificate to one of those digisign versign godaddy..etc and pay for it, or this is essential.
No, you have to create your own CA, the CA key is used for signing your cert. Then you have to import the CA certificate into your browser, if I remember correctly. I have not created my own CA for this purpose in 15 years at least and any notes I may have had on the subject were subsequently destroyed by flood. I'm sure it can be Googled up. 
itsme33 wrote: ... so don't know if i have absolutely to send this out and pay money for it or i can do this myself somehow!? moreover, maybe because the office server is not exposed to the intenret it is e.g. office1.localhost should it be exposed to the internet in order to make this https appear green, either or?
If you want every browser in the world to accept your certificate, yes, but on any browser you import your CA it should then accept any certificate signed with that certificate. I loathe IE so I try to not understand it's stupidities with the exception of does my site look proper on it. It may have an internal list of TLDs it knows to be supposedly on the internet but even if it did, using the hosts file in windows you could fool it into thinking http://www.doesntexist.com
on your local server was a valid online .com website.
 EDIT: I found the info, or where I got the info long long ago. Good thing my long term memory is better than the short term memory. It's not easy to follow along, uses different file names all the time and I remember it being extremely confusing. I'll post the steps from start to finish after I compile it all and do a test or two.