OK, so you go to some site and order a certificate. This process is by
itself complicated enough to where several people have felt the need to
do write-ups about how to do it. Including screen shots with lots of red
circles and warnings. Do this! Don't do that! Remember this! Don't
forget that!

Next, you stress your cc by paying a churlish amount of money.

Getting this far, you've got several passwords to keep track of. And
you're doomed (= you have to pay more money) if you forget any one of them.

Now, some robot does an indifferent survey of your company. This may
include a request for you to call a machine that doesn't even talk back
to you!

When you finally receive the mail with the collection code you must
follow the mysterious instructions herein and go to obscene places in
your browser to export a certain file. This file has an extension that
doesn't necessarily match your imagination of it being a .pfx or a .p12
or a .crt or a .key or a .whatever file when you're done. So you search
the internet for instructions on how to convert from one format to
another (which btw may take you to many interesting places). With some
luck you find what you're looking for - and maybe you even understand
the suggested procedure.

Now it's time to put your newly acquired certificate to work. This -
among many other intransparent actions - involves the use of a MS
program that you don't have. And you cannot just go and download it from
somewhere! No no, at best it's part of a many-gigabyte download of some
SDK that you don't really need. Having resolved this little problem you
must now ...

Arrrghh ....

Who on earth came up with this whole concept????

I've got the Code signing blues!