You will need to create a certificate request when purchasing an SSL / TLS certificate from a third-party vendor.

1. Create a certificate signing request via command line. This can be done on any machine, such as your local development computer.

openssl req -new -newkey rsa:2048 -nodes -keyout mydomain.key -out mydomain.csr

You will now be prompted to provide details for your certificate. This information will be accessible to end users, for example, by clicking the certificate icon in one's Web browser (assuming this certificate is used to encrypt Web traffic).

Common Name: The fully-qualified domain name, or URL, you want to secure. If you are purchasing a wildcard certificate, use an asterisk in place of the subdomain, for example, *

Organization: The legally-registered name for your business. If you are enrolling as an individual, enter the certificate requestor's name.

Organization Unit: If applicable, enter the DBA (Doing Business As) name.

City or Locality: Name of the city where your organization is registered/located. Do not abbreviate.

State or Province: Name of the state or province where your organization is located. Do not abbreviate.

Country: The two-letter International Organization for Standardization (ISO) format country code for where your organization is legally registered.

2. Save the private key generated in step 1 in a safe place. You will need it when renewing a certificate.

3. Go to your preferred SSL certificate vendor's Website and purchase a standard certificate. Features such as "extended validation" are not required in terms of HIPAA and do not improve the strength of encryption. But you might need to purchase a wildcard certificate. Note that this is not the same as a UCC certificate.

You will be asked to paste in the contents of mydomain.csr during the request step.

4. It may take a while (up to several hours) for your vendor to generate the certificate. In addition to receiving your final certificate, you might also receive an intermediate certificate bundle. Save both files.