To understand secure certificates, We will need to explain what an encrypted connection is, in an encrypted connection, the server gives the client a key and tells it, whatever data i send you, you can decrypt with this key, You can also use this key to encrypt data you send to me, So the server has 2 keys, one private and one public (the public is sent to the client), The private key can decrypt what has been encrypted with a public key, and the public key can decrypt what has been encrypted with a private key
A Secure Certificate is a certificate that assures the browser that the person giving us the key is indeed the person we think it is, or in other words, the identity checks have been done by the certificate issuers so you don't need to.
The chain is as follows, Your web browser trusts us (and some others), and therefore if we say (we have checked that this is actually the tomato company), then it is the tomato company and not someone acting as the tomato company.
Since the certificate is technically part of the SSL encryption (just like the Private key and the public key), Sometimes you know the machine you are connecting to, and don't need anyone (like us) to testify to you that this computer is who it is supposed to be, in that case, you can sign your own certificate which is in effect like saying (We say we are the tomato company)
It depends on how much information is provided in that certificate, For example, the entry level certificate simply ensures that you (the server owner) actually control the domain you are asking to certify by sending a verification email to the email in the domain's Whois, such a certificate costs $29.99 because it is automated, Higher assurance certificates requires you to send us papers proving who you are and therefore we can assure your visitors who you actually are and not simply that you control the domain name, this type of certificate is more expensive since it requires extra work on our side, (See prices for levels above)
All certificates will work for your domain and 1 sub domain (www), if you want all sub domains to be included in a certificate, you will need a special kind of certificate called a wildcard certificate which normally costs more.
Although the instructions are provided for 1 server, You may copy the private and public key to another server in order to allow a second server to use a certificate, and therefore, technically speaking, if you understand how the system works, you can extend any certificate to any number of web servers.
If you would like to know more, you may be interested in visiting this website