How to buy a X.509 certificate for signing digital payloads

certificate soap web-services

Start with a Client authentication certificate which probably is good enough. You have two options:

1) Buy an email certificate. These are also client certificates and allow signing and are cheap.

2) Get a free server certificate from Letsencrypt. These come with the extensions below that might be good enough for your use case:

    X509v3 extensions:
        X509v3 Key Usage: critical
            Digital Signature, Key Encipherment
        X509v3 Extended Key Usage: 
            TLS Web Server Authentication, TLS Web Client Authentication
        X509v3 Basic Constraints: critical

The only challenge for these is that you need to own a valid domain to request them. The good news is that the ceritificate is for free

Related

connect to 3rd party VPN server but don't use it as the default route?
Referencing AWS Parameter Store's Secure String in CloudFormation template
Python 3 garbage data into the struct.unpack
How to get common elements from three array list optimally?
Dropdown Menu inside a Navigation Bar
The requested resource / was not found on this server PHP
'Invariant Violation: requireNativeComponent: "RNSScreen" was not found in the UIManager.' error in react native cli
Multiple readmore buttons working at the same time
How do I accept input from arrow keys, or accept directional input?
Disable Tailwind on a div or component
React Native - Too Many Re-Renders
What is considered best practice for calling/triggering methods on one A-Frame Components from another?