Yesterday I bought the cheapest certificate here:
https://www.namecheap.com/security/ssl-certificates/domain-validation.aspx (the one for $7.33
and installed it to an Azure-Website to test if it would work with my Spider out of the box, and it did!
It seems that the Commodo-Root cert is up-to-date in NetMF 4.3. I have used a tool to create the certificate request, DigiCertUtil.exe :
It will allow you other operations, like importing the cert (which did not work for me for the generated cert, just by double clicking it) and to export the private key.
Every https call to the site worked for me without any problems. No need to import the cert in NETMF.
FYI: I am not affiliated with any of those companies. Just a great find.