Ask a Question

Solution ID : SO20050

Last Modified : 05/02/2018

Certificate Signing Request (CSR) Generation Instructions for Apple Mac OS X Server 10.7

Solution


This document provides instructions how to generate certificate signing request (CSR) for Apple Mac OS X Server 10.7. If this document can not be used on the server, please contact Apple Support.
 

Step 1: Start Profile Manager

  1. Login to the server, and in the Services list, click Profile Manager.
  2. Make sure to Click Settings option, then click on Edit button.


     
  3. In the Manage Certificates screen, click on the plus sign and choose Create a Certificate Identity.


     
  4. Please make sure to tick SSL Server in the Certificate Type. Also enter a name for the certificate for reference.


     
  5. This step would create a self-signed certificate, which is required before you can generate a new CSR.


     

Step 2: Generate the CSR

  1. In the Certificate Information page, leave the value as default.


     
  2. Next please enter the distinguish name of your CSR


     
  3. Select keysize as 2048 bit.


     
  4. Leave the key extension as default.


     
  5. Leave the Basic Constraints value as default.


     
  6. If prompted for Subject Alternative Names, leave this section blank.  Now you would see a certificate summary page.


     
  7. Click on "Allow" to export the key


     
  8. Go back to server.app and then Manage certificates
  9. Now click on Create Certificate Signing Request (CSR) as shown in the diagram below.


     
  10. A CSR should be displayed at this stage.


     
  11. Use this CSR for enrolment of the SSL certificate.

            NOTE: During the enrolment open the file you created from the above steps and copy the contents into the enrollment form when requested for the CSR. 

 Back up your Private Key

           RapidSSL recommends backing up the .key file and storing of the corresponding pass phrase.  A good choice is to create a copy of this file onto a removable media. While backing up the private key is not required, having one will be helpful in the instance of server failure.

Contact Information

            During the verification process, RapidSSL may need to contact your organization.  Be sure to provide an email address, phone number and fax number that will be checked and responded to quickly. These fields are not part of the certificate.
 

Once the certificate has been issued, refer to this link for installation instructions.