How to obtain a digital certificate for a server

In order to use SSL-protected communications, such as exchanging Web traffic using the HTTPS protocol, an enterprise must first purchase and then install a digital certificate on its server. In this expert Q&A, Mike Chapple explains how to do just that.

Mike Chapple, University of Notre Dame

How can I obtain a digital certificate for my server? Why would I want to do this?

Digital certificates are a critical component of Internet security. They allow Internet users to securely and reliably retrieve the public keys of application servers, such as web and file servers, facilitating the secure, encrypted exchange of information.

In order to use SSL-protected communications, such as exchanging Web traffic using the HTTPS protocol, an enterprise...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please log in.

You have exceeded the maximum character limit.

Please provide a Corporate Email Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

must first purchase and then install a digital certificate on its server. This involves selecting a certificate authority (such as Verisign or Thawte), proving your identity to that CA, paying a certificate fee and installing the certificate on the server. The exact technical steps will depend upon the type of server you're running, but each CA has detailed instructions on their websites for obtaining a certificate.

It's important that you obtain a digital certificate if you wish to provide users with the ability to securely connect to your website. Without a certificate, they will be unable to use SSL encryption to connect to your site and will not have a guarantee of your server's identity or the peace of mind that their information is encrypted while in transit over the Internet.

More information:

A SearchSecurity.com reader asks Michael Cobb, "When choosing a digital certificate, how important is the expiration period?"

Learn more about the personal digital certificates that enterprises will need during a PKI implementation.

This was last published in December 2008

certificate authority (CA)

SSL (secure sockets layer)

Amazon Trust Services

PKI (public key infrastructure)

Dig Deeper on PKI and digital certificates

certificate authority (CA)

SSL (secure sockets layer)

Amazon Trust Services

PKI (public key infrastructure)

Related Q&A from Mike Chapple

Stateful vs. stateless firewalls: Understanding the differences

Wired vs. wireless network security: Best practices

The difference between AES and DES encryption