We want to set up mutual SSL between Salesforce and our Enterprise Service Bus. The internal security team required that we use a CA signed certificate to authenticate the client(Salesforce).
Third parties trusted CAs that I have contacted says that the signing request must come from the domain owner of where the certificate will reside. The domain owner is Salesforce.com
We have registered my domain in Salesforce: telianorge.my.salesforce.com
Can Salesforce request a certification signing request to a public CA on our behalf?

What is normal procedure for this?