You can either buy an SSL (X.509) certificate or generate your own (a self-signed certificate) for testing or, depending on the application, even in a production environment.
Good news: If you self-sign your certificates you may save a ton of money.
For we, mere mortals, its chief merit may be that it's shorter (3 versus 4 syllables).
It is thus a dead standard, (dead as in a dead parrot) and indeed RFC 7568 has finally deprecated SSL v3.
When a secure connection is initially established it will, depending on the implementation, negotiate support of the particular protocol from the set SSLv3, TLSv1, TLSv1.1 or TLSv1.2.
Such is the pervasive power of the name SSL that in most cases what is called SSL is most likely using TLS - for instance Open SSL supports both SSL (v3) and TLS (TLSv1, TLSv1.1 and TLSv1.2) protocols.
The RFC may also be viewed at XXXX/ which also contains various RFC status information (including errata) together with a list of alternative formats, such as, text, PDF and HTML (this is the working area version of the document). We update the page from time-to-time when we can think of nothing better to do with our lives and now keep a change log in case you ever happen to read it twice. Secure Sockets Layer (SSL) is a Netscape protocol originally created in 1992 to exchange information securely between a web server and a browser where the underlying network was insecure.
It went through various iterations and is now at version 3 (dating from 1995) and used in a variety of clientserver applications.