1: Given a node A and the Certificate Authority CA

2: A sends its identity and a new certificate to CA, using HTTPS on top of a wireless access-point.

3: CA will sign A’s certificate with its private key.