diff --git a/docs/simplesamlphp-idp.txt b/docs/simplesamlphp-idp.txt
index 63e1754ebb6c89da9451f84a9fca6641c4682a38..a370a80c531e32676cd0822d47d8042269c2a00a 100644
--- a/docs/simplesamlphp-idp.txt
+++ b/docs/simplesamlphp-idp.txt
@@ -156,11 +156,10 @@ For more information about available options in the sp-remote metadata files, se
 Creating a SSL self signed certificate
 --------------------------------------
 
-For test purposes, you can skip this section, and use the certificate
-included in the simpleSAMLphp distribution.
+For test purposes, you can skip this section, and use the certificate included in the simpleSAMLphp distribution.
+
+Here is an example of an `openssl`-command which can be used to generate a new private key key and the corresponding self-signed certificate.
 
-Here is an example of an `openssl`-command which can be used to generate
-a new private key key and the corresponding self-signed certificate.
 This key and certificate can be used to sign SAML messages:
 
     openssl req -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
@@ -170,8 +169,7 @@ The certificate above will be valid for 10 years.
 
 ### Note ###
 
-simpleSAMLphp will only work with RSA certificates. DSA certificates
-are not supported.
+simpleSAMLphp will only work with RSA certificates. DSA certificates are not supported.
 
 
 ### Warning ###
diff --git a/docs/simplesamlphp-sp.txt b/docs/simplesamlphp-sp.txt
index d1c7d4f1b0296f28c840de4b6df3f6aa0d81100b..215ab1dbeb2e6cce2bfbd40ba4a45fe1bfbdb89c 100644
--- a/docs/simplesamlphp-sp.txt
+++ b/docs/simplesamlphp-sp.txt
@@ -43,6 +43,24 @@ If you want mulitple Service Providers in the same site and installation, you ca
 		'entityID' => 'https://sp2.example.org/,
 	),
 
+### Enablig a certificate for your Service Provider
+
+Some Identity Providers / Federations may require that your Service Providers holds a certificate. If you enable a certificate for your Service Provider, it may be able to sign requests and response sent to the Identity Provider, as well as receiving encrypted responses.
+
+Create a self-signed certificate in the `cert/` directory.
+
+	cd cert
+	openssl req -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
+
+
+Then edit your `authsources.php` entry, and add references to your certificate:
+
+	'default-sp' => array(
+	    'saml:SP',
+	    'privatekey' => 'saml.pem',
+	    'certificate' => 'saml.crt',
+	),
+
 
 Adding IdPs to the SP
 ---------------------