Ask a Question

General Information ID : INFO1948

Managed PKI for SSL - Installation Instructions for Mac OS X Server 10.5

Description

This document provides instructions for installing SSL Certificates for MAC OS X 10.5. If you are unable to use these instructions for your server, Symantec recommends that you contact either the vendor of your software or an organization that supports Apple products.

Step 1: Download and Install Symantec intermediate CA certificates:

  1. Download the Intermediate CA certificate from this link: INFO657
  2. Select the appropriate Intermediate CA certificate for your SSL Certificate type..
    NOTE:If you are not sure which certificate you have purchased, follow these steps from this link: SO22021
     
  3. Copy the certificate imbedded in the body of the email and paste it into a text file using Vi or Notepad.
    NOTE: Do not use Microsoft Word or other word processing programs that may add characters.
     
  4. Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
  5. Save the file as intermediate.txt
  6. Launch the Keychain Access application (/Applications/Utilities/Keychain Access.
  7. If the button at the lower left of the Keychain Access window is labeled "Show Keychains" then click the button to show
    the Keychain list.
  8. Select the "System" keychain.
  9. Select File > Import. Navigate to and select the intermediate.crt file that you downloaded in the steps above.
  10. Enter your password when prompted to authenticate to modify the keychain.
  11. Verify that the Symantec CA Certificate appears in the list. 
  12. Close the Keychain Access application.


Step 2: Obtain and Install the SSL Certificate

  1. Once your Managed PKI for SSL administrator has approved your Certificate request, you will receive an email with the
    Certificate attached (cert.cer), as well as in the body of the email itself. 
  2. Copy the certificate imbedded in the body of the email and paste it into a text file using Vi or Notepad.
    NOTE: Do not use Microsoft Word or other word processing programs that may add characters.

    The text file should look like:

    -----BEGIN CERTIFICATE-----

              [encoded data]

    -----END CERTIFICATE-----

    NOTE: To download the certificate from your Managed PKI for SSL subscriber services page, see solution SO6621

    Please select X.509 as a certificate format and copy only the End Entity Certificate.
     
  3. Save the certificate as public.txt
  4. Launch the Server Admin tool and connect to the server where you want to install the certificate.
    NOTE:  Ensure your have logged on as root.
     
  5. Highlight the server node in the SERVERS list.
  6. Select the Certificates button from the toolbar at the top of the right panel
  7. Select the item representing the certificate you have requested. Click the "Gear" button and then select:

    Add Signed or Renewed Certificate from Certificate Authority

     
     
  8. Paste the text of your certificate into the field. Be sure to include the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----
    header and footer lines.
  9. Click OK.

     
     
  10. Click the Save button. 


Step 3: Assign the Certificate to your Services

  1. After installing your certificate as well as the intermediate CA certificate, you can assign this certificate to the desired services 
    (Web, Mail, iChat, Open Directory, etc.).
  2. In the appropriate settings pane for the desired service, select the certificate that you have just installed 
  3. Click Save 

     
     
  4. To verify if your certificate is installed correctly, use the Symantec Installation Checker.


Apple Support

           For more information, see the Apple Support Center.