Ask a Question

Advanced Search

Solution ID : SO19103

Last Modified : 05/31/2019

Certificate Signing Request (CSR) Generation Instructions for Apple Mac OS X Server 10.7


This document provides instructions how to generate certificate signing request (CSR) for Apple Mac OS X Server 10.7. If you can not perform this steps on the server, please contact Apple Support.

NOTE: To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match.

Step 1: Start Profile Manager

  1. Login to the server, and in the Services list, click Profile Manager.
  2. Make sure to choose the "Settings" option, then click on "Edit" button.

  3.  In the Manage Certificates screen, click on the plus sign and choose " Create a Certificate Identity"

  4. Please make sure to tick "SSL Server" in the Certificate Type. Also enter a  name for the certificate for reference.

  5. This step would create a self-signed certificate, which is required before you can generate a new CSR.


Step 2: Generate the CSR

  1. In the Certificate Information page, leave the value as default.

  2. Next please enter the distinguish name of your CSR

  3. Select keysize as 2048 bit.

  4. Leave the key extension as default.

  5. Leave the Basic Contraints value as default.

  6. At this stage, you can enter the Subject Alternate Name if you like

  7. You would see a certificate summary page

  8. Click on "Allow" to export the key

  9. Go back to and then Manage certificates
  10. Now click on Create Certificate Signing Request (CSR) as shown in the diagram below.

  11. You should see a CSR at this stage. 

  12. Use this CSR for enrolment of your SSL certificate on the portal.
    NOTE: During the enrolment open the file you created from the above steps and copy the contents into the enrollment form 
    when requested for the CSR. 
  13. Verify your CSR


 Back up your Private Key


          Symantec recommends backing up the .key file and storing of the corresponding pass phrase. A good choice is to create a copy of 
          this file onto a removable media. While backing up the private key is not required, having one will be helpful in the instance of 
          server failure.

Contact Information

          During the verification process, Symantec may need to contact your organization. Be sure to provide an email address, phone
          number and fax number that will be checked and responded to quickly. These fields are not part of the certificate.

Once the certificate has been issued, follow the steps from this link to install the certificate on your server: SO19111