Hello Tradsd,
Here is what you have to do to prevent the certifcate warining when PGP Destkop starts up:
1) issue a (Webserver) Certificate from your CA for your Universal Server
2) Assgin this Certficate to the proper Univerversal Server Network Inteface
3) Publish the Root Certficate from your CA (trough GPO) in Active Directory
This way Clients should have it in thier "Trusted Root Authorities" Certifiate Store
If your CA does have an Intermediate (Issuing CA) Authority then publish this Certififcate as well
4) Once your Clients have the certificate(s) in the Store they shold implicit tust the Connection that PGP Desktop initiates to Universal Server and no warning should occur.
Let me know if this solution does work for you.
Cheers,
Martin