SSL certificates can be created locally on most servers, but they do not provide the same level of security as a third party certificate. The customer accessing the web page using a locally signed certificate will also have to accept the certificate. For this reason it is important to purchase a certificate from a recognized vendor.
Purchasing from a well recognized vendor will help your customers trust you and have the least issues.
Well recognized vendors include:
verisign.com
thawte.com
comodo.com
entrust.com
godaddy.com
Not all certificate authorities will be 100% browser capable so using one of the listed vendors will give you the most chance of having the certificate authority available in the customers browser.
Fully installing the certificate chain will allow your customer to install additional certificate authorizes but some users may be unwilling or unable to install the certificate authority.
