If you have your own CA but do not or cannot include certificate revocation information in your certificate, you can choose not to check certificates for revocation or to check only certain certificates in a chain. On the server, with the Windows Registry Editor, you can create the string (REG_SZ) value CertificateRevocationCheckType, under HKLM\Software\VMware, Inc.\VMware VDM\Security, and set this value to one of the following data values.
Do not perform certificate revocation checking.
But it seems that this doesn't work for commercial CA, like comodo, godaddy, ...
Do I have any other option here to make certificate trusted ?