Creating versus Purchasing a SSL Certificate
Based on the needs of your website, you may decide to either create a self-signed certificate or purchase an SSL certificate. If your site only handles minimally senstitive data, then creating your own self-signed certificate may be appropriate.
If your site handles extremely senstitive data (such as credit card information), you should purchase an SSL certificate. Buying a certificate offers a third-party verification system to ensure visitors the security of your site.
Generating a Certificate Signing Request (CSR)
Whether you are getting a certificate from a CA or generating your own self-signed certificate, the first step is to generate a key.
To generate the keys for the Certificate Signing Request (CSR) run the following command from a terminal prompt:
# openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
…………………++++++
…………………++++++
Enter pass phrase for server.key:
You can now enter your passphrase. For best security, it should at least contain eight characters. The minimum length when specifying -des3 is four characters. It should include numbers and/or punctuation and not be a word in a dictionary. Also remember that your passphrase is case-sensitive. Re-type the passphrase to verify. Once you have re-typed it correctly, the server key is generated and stored in the server.key file.
SSL/TLS Manage Certificate Sharing
If you are the server administrator, you can choose to allow your customers to share your SSL certificate.
1. Click Change Certificate Sharing Permissions to begin.
2. On the Manage SSL Certificate Sharing screen, click Enable Sharing.
Click Disable Sharing if you want to disallow users from sharing your certificate.
3. Under the Certificate Linking heading, select a domain to see an accurate link example.
How to customize SSL Certificate buttons URL
To customize the Buy SSL Certificate and View Certificates buttons URL:
On Linux systems, issue the following command:
/usr/local/psa/bin/interface_template -p -cert_purchasing_url [url]
To remove the buttons for viewing and purchasing SSL certificates:
On Linux systems, issue the following command:
/usr/local/psa/bin/interface_template -p -cert_purchasing true
Wrong certificate error when I open any domain via HTTPS.
Look into /etc/httpd/conf.d/ssl.conf for the line like:
VirtualHost _default_:443
If it exists you have to delete/comment this default SSL virtual host starting from the
“VirtualHost _default_:443″ line and ending with “/VirtualHost”.
Then stop and start (not restart!) Apache server.
/etc/init.d/httpd stop && /etc/init.d/httpd start
Reference : http://parallels.com