.TP
.I "-!"
Extended help (for advanced options)
+.SH EXAMPLES
+.PP
+To create Building a SSL test (i.e. non trusted) certificate is easy
+once your know your host's name. Mono ships with a utility, makecert,
+for doing so. The following command will create a test certificate for
+an SSL server:
+.nf
+ $ hostname
+ pollux
+
+ $ makecert -r -eku 1.3.6.1.5.5.7.3.1 -n "CN=pollux" -sv pollux.pvk pollux.cer
+ Success
+.fi
+.PP
+In particular in the above example, the parameters used to build this
+test certificate were:
+.TP
+.I "-r"
+Create a self-signed certificate (we don't need/want to build a
+hierarchy here).
+.TP
+.I "-eku 1.3.6.1.5.5.7.3.1"
+Optional (as sadly most client don't require it). This indicates that
+your certificate is intended for server-side authentication.
+.TP
+.I "-n \"CN=pollux\""
+Common Name (CN) = Host name. This is verified the SSL client and must
+match the connected host (or else you'll get a warning or error or
+*gasp* nothing).
+.TP
+.I "-sv private.key"
+The private key file. The key (1024 bits RSA key pair) will be
+automatically generated if the specified file isn't present.
+pollux.cer. The created SSL certificate for your host.
.SH KNOWN RESTRICTIONS
Compared to the Windows version some options aren't supported (-$, -d, -l,
-nscp, -is, -sc, -ss). Also PVK files with passwords aren't supported.