An X.509 certificate is an encoded file that a secure service, such as a web server, uses to identify itself to a client. A Tarantella server with the Tarantella Security Pack installed also requires a certificate in the same way.
Certificates are generated by Certificate Authorities (CAs) --
trusted third parties that sign a certificate for a particular
server. To obtain a certificate for a server you must send a
Certificate Signing Request (CSR) to one of these CAs. When a CA
receives a CSR they check the validity of the request and return an
X.509 certificate. You then install the certificate using the
tarantella security certuse
command.
By default, the Tarantella Security Pack supports a number of Certificate Authorities.
In some cases, you can share a certificate between a web server and the Tarantella server on the same host.