SSL is a protocol that encrypts and secures communication happening over the internet.

TLS Stands for Transport Layer Security. It is just an update of SSL. It is more secure.

Multi-domain certificates, also called SAN (Subject Alternative Name) certificates, secure multiple domains (or) subdomains under a single SSL installation.

Usually, a multi-domain certificate will include 3 domains by default, but you can add up to 250 SANs for an additional fee.

Wildcard certificates secure unlimited subdomains and the main domain under a single installation. If you use multiple subdomains and just one main domain, they are the best encryption option.

Create the Certificate

Create /certificate directory

mkdir /certificate 
cd certificate

Create the certificate

openssl req -new -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -out MyCertificate.crt -keyout MyKey.key

newkey rsa:2048: RSA 2048 is the default on more recent versions of OpenSSL but to be sure of the key size, you should specify it during creation.

x509: Create a self-signed certificate.

sha256: Generate the certificate request using 265-bit SHA (Secure Hash Algorithm)

days: Determines the length of time in days that the certificate is being issued. For a self-signed certificate, this value can be increased as necessary.

nodes: Create a certificate that does not require a passphrase. If this option is excluded, you will be required to enter the passphrase in the console each time the application using it is restarted.