This document provides instructions for installing a SSL certificate for MAC OS X 10.7. If you cannot use this solution for your server, DigiCert recommends you contact Apple.
NOTE: If you have not yet generated the CSR, please see this solution.
Step 1: Obtain the SSL Certificate
- Once your Managed PKI for SSL administrator has approved your Certificate request, you will receive an email with a certificate download link, also attached (cert.cer), as well as in the body of the email itself.
- If copying the certificate from the body of the email, copy and paste it into a text file using Vi or Notepad.
NOTE: Do not use Microsoft Word or other word processing programs that may add characters. Confirm that there are no extra lines or spaces in the file.
The text file should look like:
NOTE: Click here to download the certificate from your Managed PKI for SSL subscriber services page.
Please select X.509 as a certificate format and copy only the End Entity Certificate.
- Save the certificate as public.txt
Step 2: Install the SSL Certificate
- Open up Profile Manager.
- Click on Manage Certificate.
- Replace certificate with the SSL certificate you downloaded in Step 1.
- Drag the certificate here, and click on Replace Certificate button.
- Then open up KeyChain, you need to configure the certificate to make sure it's trusted.
- Download the Intermediate CA certificate from this link.
- Select the appropriate Intermediate CA certificate for your SSL Certificate type.
NOTE: If you are not sure which certificate you have purchased, follow these steps from this link.
- Copy and paste it into a text file using Vi or Notepad
- Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
- Save the file as intermediate.txt.
- You can simply drag the CA certificate to the System KeyChain.
- From the KeyChain, examine the certificate.
- Once you have examined the details, expand the Trust section and choose Always Trust for both
X.509 Basic Policy and the When using this certificate pull-down.
- Finally, click the Always Trust button.
- Check to make sure the installed certificate is correctly assigned to the web service.
- Verify your installation with the DigiCert Installation Checker.