You can also use a personal email certificate to sign your p3d files.
When you do this, and the user is shown your certificate, he/she will
be told "This application has been signed by
firstname.lastname@example.org," which reassures the user of your personal
An email certificate is sometimes called an S/MIME certificate,
because it can be used to send encrypted and signed email via the
international S/MIME standard.
This kind of certificate may be most appropriate for a p3d file
produced by an individual or by a small group. Signing a p3d file
with your own email address is a very personal touch.
You can obtain an email certificate from numerous sources. Many
companies charge a nominal fee for an email certificate intended for
corporate use, but some companies also offer a completely cost-free
email certificate for personal use, typically with a 1-year expiration
date. (The expiration date is a nuisance, but not a limit. You can replace it with a new certificate when it expires.)
The process to obtain an email certificate can be a bit convoluted.
Usually, you will fill out a form at the company's website, receive an
email to confirm your email address, click on a link in the email,
then download the certificate into your browser. Once it has been
installed in your browser, you can find the certificate under the
Preferences menus, and save it (as a "backup") to a pkcs12 file on
disk, with the .p12 extension. Then you can convert it to a pem file
using openssl, with the command sequence:
openssl pkcs12 -in mycert.p12 -out mycert.pem -nodes
Typically, the public key and private key will be combined in the same
file. Keep this file safe.