Just was playing with e-commerce and needed to make a test certificate. Pages I found were too complicated (un-needed steps).
Do whatever scottg site says for your version:
http://www.scottg.net/webtools/aolserver/modules/nsopenssl/
If you are on a linux distro - remember to install it from your DVD (it being openssl with dev option if there is one).
TEST CERTIFICATE: (these are the SUSE 8.1 default paths)
/usr/local/ssl/misc/CA.pl -newcert (creates newreq.pem)
/usr/bin/openssl rsa -in newreq.pem -out keyfile.pem
You now have newreq.pem and keyfile.pem.
Edit newreq.pem, delete EVERYTHING BEFORE the line that starts:
-----BEGIN CERTIFICATE-----
and EVERYTHING AFTER the line
-----END CERTIFICATE-----
(there probably will NOT be anything after it - but just in case).
Save this file as certfile.pem.
You probably need to make this directory:
mkdir -p /web/aolserver/servers/${server}/modules/nsopenssl
where ${server} is whatever you named this server in your config.tcl file.
Copy or move certfile.pem and keyfile.pem to that directory. Fire up nsd - tail the error log, fix any problems :)