Implemeting web services security through certificates

we need to implement security for web services using ws-security and end point alias through certificates and have never worked on them before. I read the documentation but could not uderstand much, if any one has implemented it could you please provide the information. Adding to that we don’t know how to create the certificates also. It would be helpful if detalied info is provided.

Thanks in Advance