If you already have an SSL-protected website with its own https
address, then you can use that website's certificate to sign your p3d
files. When the user is shown your certificate, he/she will be told
something like "This application has been signed by
myhost.mydomain.net," where myhost.mydomain.net is your website's
hostname. If the user knows your web page, then this will reassure
the user that it is safe to allow your p3d app to run.
This kind of certificate may be most appropriate for a corporate or
commercial p3d file; the user may closely identify the company's web
address with the company itself.
Panda3D requires your certificate to be formatted in PEM form, which
is the same format used by Apache. If you are using Apache to host
your website, then you can use the public key and private key
certificate files directly from your system install directory. (There
may also be a third file, that lists the certificate's authentication
chain. If so, all three files are needed to sign your p3d file.) If
you are using IIS or some other software to host your website, then
you may need to convert your certificate to PEM form first; you can
use the openssl command to do this. Search the internet for the exact
You can obtain an HTTPS certificate from numerous sources; they range
in price considerably, and many are quite inexpensive. Several companies offer a completely cost-free
HTTPS certificate, but these usually come with a very short expiration
date (90 days or so).