- DigiCert -- SSL Plus
- GlobalSign -- Organization SSL
- StartCom -- StartSSL EV
- Symantic/Verisign -- Secure Site SSL
- Entrust -- Standard SSL
- IdenTrust -- TrustID Server (SSL)
- Thawte -- SSL Web Server
When obtaining a SSL certificate you will be required to generate a Certificate Signing Request (CSR). This can be done on any computer using openSSL.
When creating the CSR you will be asked for the Common Name (CN). The CN in the CSR is a Fully Qualified Domain Name (FQDN) that your company owns. This can be the top level domain name; there is no need to create a subdomain. You can use a domain that already has a SSL certificate installed on the webserver.
Please note that the use of the SSL certificate in the IDES system differs from its use securing a webserver. The SSL certificate that you obtain for use in the IDES system does not have to be installed on any computer. It will be uploaded to your account during an IDES account administrator’s enrollment.
When you create the CSR you will be generating a key pair, a public and a private key. You will not send the private key to the CA when you provide them with the CSR. Please be sure to keep the private key on a secure computer for future use. Do not transmit the private key over any system that is not secure. During the data preparation process you will be using the private key to digitally sign your XML payload file.
For more basic information about CSRs please see the Wikipedia article.