For configuring SSL, OneData always recommends you to use a signed certificate from a certificate authority (CA) of your choice. To obtain a signed certificate from a CA, you have to first create a Certificate Signing Request (CSR) and submit it to CA. The certificate authority uses the CSR to create a signed certificate that identifies your website as secure and returns the newly created certificate to you. You must then replace the original self-signed certificate in your keystore with a chain certificate (chain of certificates) by importing it.