in the sip/cert directory you can find makeCA and makeCert
first run makeCA This will make a CA and a file called root_cert_fluffyCA.pem
This is the root certificate for the CA - it good for testing but it is not secure.
then to make a TLS certificate for a domain example.com run
this will make a files called domain_cert_example.com.pem domain_key_example.com.pem example.com.csr
The domain_key file is the private key
The domain_cert file is a cert signed with the example CA you just made. It is good for testing but is not secure in any way.
The .csr file is a certificate signing request and you can use it to get a certificate from a real CA
to make a S/MIME certificate for firstname.lastname@example.org run
This will make the files email@example.com firstname.lastname@example.org
All of these files can be copied into the ~/.sipCerts directory