Do you use your custom certificate during installation or did you let katello generate its own CA. If it’s a new katello CA then your browser doesn’t know the root CA and doesn’t trust it. You should not get that message in your browser if you never before use that browser to open any web page on your new katello installation with the new katello CA.
I also wonder why your browser seems to import that certificate. With my Firefox 80 and macOS and Windows it only suggests to save the certificate file and not to open it. So I find it curious that your Firefox seems to handle that differently…