Obtaining Keys and Certificates
A private-public key-pair is easy to generate. Likewise, an “uncertified” certificate may be
generated with little effort, but obtaining a trustworthy certificate from a CA necessarily
requires some work, time, and (usually) cost. It involves interacting with the CA to prove
identity, and waiting for the CA to digitally sign the certificate.
Microsoft Visual Studio has a command-line utility called MAKECERT which may be used to
generate private keys and certificates of the PVK and CER formats, respectively.