This is a little trick to use in your development environment, so you don't have to use SelfSSL to isuue and setup a certificate. Go to %ProgramFiles%\Microsoft Commerce Server 2007\Business User Applications\.

Go inside the "CustomerandOrdersManager.exe.config" file.

Find this entry
<setting name="AllowHTTP" serializeAs="String">
             <value>False</value>
</setting>

Change the value to "True" and save the file. Now http is allowed and you don't have to worry about the certificate. This is of course not recommended in a production environment.