If you want your certificates to match and be protected from man-in-the-middle attacks, you need two things. First, youβll need to buy an SSL (TLS) certificate for a domain name that you own and configure your local web server to use that certificate and its private key to terminate TLS connections. How to do this is specific to your web server and SSL certificate provider and beyond the scope of this documentation. For the sake of example, weβll assume that you were issued an SSL certificate for the domain secure.yourdomain.com.