For internal-use IIS-based sites, you can enable HTTPS by self-signing a certificate and distributing it through the Group Policy so you can avoid seeing warning messages like this.
Self-Signing a Certificate
Simply open an elevated PowerShell window and run the following command to self-sign a 5-year certificate to the certificate store on the local machine.
New-SelfSignedCertificate -DnsName "servername" -CertStoreLocation cert:\LocalMachine\My -FriendlyName "servername" -NotAfter (Get-Date).AddYears(5)
Technically, you can do so on any given computer but it’s easier to run it right on the IIS server so you don’t have to move the certificate around.
Binding the certificate to IIS
Right-click the site on IIS and choose Edit Binding. Add the HTTPS (443) binding and pick the certificate you just self-signed from the list.
Exporting the certificate
Open the Certificate detail from Server Certificates on the IIS Manager, go to the Details tab, and choose Copy to File… button.
Follow the wizard, choose Yes, export the private key, and Include all certificates in the certification path option to save it with a password.
Distributing the certificate via the Group Policy
Open the Group Policy Management console, and head over to the following location.
Computer Configuration\Policies\Windows Settings\Security Settings\Public Key Policies
Right-click the Trusted Root Certification Authorities and choose Import.
Then on the File to Import window, pick the PFX file you exported from the last step. Make sure you pick the *.pfx type from the dropdown list.
Forcing HTTPS
Once the certificate gets distributed to the workstations, redirect all HTTP traffic to HTTPS to enforce secure access.