"When SSL is used with the Apache via the mod_ssl module, it
will create an encrypted RSA file which has two components a
private file which is kept secure on the server and a public file
which is placed in the Certificate file and is thus used by users
when they connect to the server. Users will be able to communicate
securely then using the encryption that results in this kind of
communication. New standards are requiring a 2048-bit key instead
of the older 1024-bit key.
"An official SSL Certificate is required in order to satisfy
browsers and customers on a web site.
"A Certificate Signing Request (CSR) must be created that
contains the public key of the web site that will be installed in
the certificate. This key identifies the owner of the web site and
this is the information that you see when you view a
"Country – State – Company – Organizational
Unit – Domain – Email of Administrator
"The CSR must be sent to a Certifying Authority (CA) who will
then convert the certificate into a real Certificate which can be
placed on the server with the signature of the signing authority.
In this process the signing authority verifies the company is who
they say they are on the certificate."