ANSWER:

Just get a standard certificate for whatever the domain name is that will be used to access resources on that side. There really should need to be anything special.

I am a bit curious about the bit of having you purchase the certificate. Did they send you a certificate signing request? If not, then you should have them generate the private key and CSR for the correct name, so you can purchase the certificate. The private key should be private which means they should be generating it, not you creating one and transferring it to them.

by Zoredache from http://serverfault.com/questions/382765