Obtaining Certificates to Identify a Specific Entity
To get a certificate for a server (or client, if you want client authentication), follow these steps:
1. Create a public and private key pair using the cryptographic library’s utilities.
2. Create a certificate request using the key pair and the cryptographic library’s utilities.
3. Send the certificate request to a certificate authority, along with identification and a fee.
4. The certificate authority will send back a signed certificate with a specified validity period (usually one year).
NOTE: You may need to convert the certificate to PEM format using the utilities in the cryptographic library.
For more information, see the examples\secsock\certs directory and its subdirectories. These directories contain readme.txt files and scripts used with OpenSSL to create the example certificate infrastructure.