You can go to the website of your preferred CA and choose a certificate that best suits your needs from the options listed. The next step would be to generate a CSR. Once that’s submitted, the CA will contact the owners of the domains that the certificate has been requested for and take the necessary verification steps.