A certificate can either be purchased or you can use the Astro test certificate.
a certificate from a trusted authority (e.g. VeriSign or Thawte). Most
SSL clients will automatically accept "trusted" certificates,
and the host name of the certificate will match the actual host name.
Install the certificate on the server, and specify the path to the certificate in registry key:
Astro Secure BLSA: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AstroSSBLSA\Cert)
Astro Secure Telnet Server: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AstroSSTnSrv\Cert)
For test purpose, Astro provides a 1024-bit x509 certificate. This certificate does not correspond to the host name of your server, and the certificate is not issued by a trusted authority. Therefore, if the Astro test certificate is used, most SSL clients (for example Reflection 11) require that you manually install the certificate as "trusted".
Below is described how to install the Astro certificate on a client, and how to set up Reflection 11 for SSL on the client.
Click SSL Certificate for Astro.
Select Open this file from its current location.
Click Install Certificate....
In the Certificate dialog box, click OK.
Start Internet Explorer.
Select Internet Options.
Select the tab Content.
Select the tab Trusted Root Certification.
Scroll down to find MAsystemCA.
Open a session in Reflection.
Select the tab Connection Setup.
In the Connection Setup dialog box, click the radio button Network.
Click the Security button.
In the dialog box for Security Properties, select the tab SSL/TLS.
Tick Use SSL/TLS security.
If using Astro test certificate: Empty the check box for Certificate host name must match host being contacted.
Back in the Connection Setup dialog box, click the More Settings button.
In the dialog box for More Settings - TELNET, change the TCP port number to 992.
Click OK in the open dialog boxes respectively.