3.6. Getting a real certificate

Having created the CSR, you send it off to your chosen CA (typically by pasting it into a web form or including it in an e-mail) together with other information about the organisation running the site, and details of how you plan to pay for your certificate. The CA will probably want further supporting hard copy documentation, in particular to demonstrate that you really represent the organisation described in the request and that the domain name entered in "Common Name" is registered to you.

Within the University of Cambridge, the Computing Service acts as an agent for a global CA (currently Thawte Consulting) and is able to locally administer certificates for computers with hostnames in cam.ac.uk. See http://www.cam.ac.uk/cs/tlscerts/ for further details of this arrangement.

Once they are satisfied (and you have paid them) your CA will send your certificate back to you, probably by e-mail or as a password-protected web download.