Step 1: Obtain a signed certificate

The first step in securing communications using SSL is to obtain a signed certificate.

Two options are available for obtaining a signed certificate:
  • Use a commercial root certificate authority (CA) such as Comodo, DigiCert, etc. This option can be more expensive but the process is simpler. Also, the client applications will trust these certificates without requiring additional configuration.
  • Be your own root CA. This option is free but requires additional work and configuration.
This section provides the procedures for obtaining a signed certificate using these two options. At the end of the procedure, you will have the following files:
The following diagram shows the files that get generated by each procedure and where they need to be installed:
Obtaining an SSL signed certificate