OES CA server in Win 10 and beyond

We have NOWS with OES 2018 with iManager, iPrint, GroupWise, ZENworks
The Organizational CA is internal

Whenever I browse on a Win10 PC with Edge, I receive the 'Certificate error' with 'DLG_FLAGS_SEC_CERT_CN_INVALID'
Chrome gets 'Your connection is not private' with 'NET::ERR_CERT_AUTHORITY_INVALID'

Both browsers can bypass the error to work, but next time the issue remains.

So, I would like to install the internal CA into the Win 10 local Trusted Root Certification Authorities - Certificates store, so users do not get the certificate error message.

Following several internet KBs & several exports of the eDir Tree CA (into .pfx file) imports into the Win 10 local Trusted Root Certification Authorities - Certificates, I still receive the Certificate error.

Anyone have a proper way to export the eDir Tree CA and import into a Win 10 TRCA Cert store so the browser doesn't cert error?

After this is working, next step is for GW admin console (on SLES 12) and other GW consoles to use the internal Tree Ca as it TRCA. Then add ZENworks (on SLES 12) consoles, iPrint consoles, etc. Maybe even a wildcard cert for all our sites.

Then any other internal sites to use certs minted from the internal Tree CA.

Step by step instructions would be very helpful.

Any help, comments, suggestions, advice would be greatly appreciated.