What does it mean?
In order to secure the web site with SSL, you first need to buy a certificate.
A certificate is a document that your website will send back to the browsers as an Official identification for your web site, and your business.
The certificate is issued by certified companies who are called Certificate Authorities`.
Types of SSL Certificates:
First of all you have to decide which certificate type you should chose for your web site. There are three types:
- Domain Validation (DV) SSL Certificate: This is the simplest type of certificate, where the
CAchecks only that the applicant owns or has the right to use the domain name. - Organization Validation (OV) SSL Certificates: The
CAchecks more about the company owns the domain name, and display more information about the company owns the domain. - Extended Validation (EV) SSL Certificate: The
CAconducts a thorough check on the organization with some standard guidelines defined by the industry. This is usually required for organizations that require to have payments managed by on their own website and their own software.
How to buy a certificate:
After you decided what type of certificate you want to buy, you search for a suitable CA authority to buy your certification from. The CA authority requires from your side a request called Certificate Signing Request (CSR).
There are many ways to generate the CSR. I will describe the process using OpenSSL tools.
First you need to generate a private key:
1openssl genrsa -out domain.com.key 2048
And then create the CSR:
1openssl req -new -sha256 -key domain.com.key -out domain.com.csr
This will generate the CSR file, which you will send to the CA authority, which in return will send you the certificates.