Ask a Question

Solution ID : SO22149

Last Modified : 05/18/2018

Managed PKI for SSL - Installation Instructions for Mac OS X Server v10.3.9

Solution

This document provides instructions for installing SSL Certificate for MAC OS X 10.3. If you are not able to follow these steps, Symantec recommends that you contact Apple.

The OS X Server makes setting up SSL quick and easy. While the set up is similar to the procedure you would follow for Apache mod_SSL, manually updating the httpd.conf folder is not required. OS X Server provies a GUI interface that will allow you to bypass any of these modifications. The procedure for installing the SSL certificate on a Macintosh OS X Server (v10.3) is provided below:
 

Step 1: Download the updated intermediate CA certificate

  1. Download the Intermediate CA certificate from this link.
  2. Select the appropriate Intermediate CA certificate for your SSL Certificate type.
    NOTE: If you are not sure which certificate you have purchased, follow these steps.
  3. Paste the Intermediate CA certificate by using a "simple" text editor like TextEdit.app, nano or vi to avoid adding control characters or special fonts to the certificate file.
  4. Save the file into /etc/httpd/ssl.crt/intermediate.crt
     

Step 2: Download and install the SSL certificate     

  1. The Symantec certificate will be sent by email.  The certificate will be available as a download link, also as an attachment (Cert.cer), and pasted in the bottom of the email body.
  2. If copying the certificate imbedded in the body of the email, paste the certificate by using a "simple" text editor like TextEdit.app, nano or vi to avoid adding control characters or special fonts to the certificate file.

    The text file should look like:

    -----BEGIN CERTIFICATE-----
              [encoded data]
    -----END CERTIFICATE-----
     
  3. Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.

    NOTE: Click here to download the certificate from your Managed PKI for SSL subscriber service page.
    Please select X.509 as a certificate format and copy only the End Entity Certificate.
     
  4. To follow the naming convention for Apache, rename the certificate filename with the .crt extension. For example: public.crt
  5. Save the Certificate into following directory /etc/httpd/ssl.crt/public.crt
  6. Save the priavte key file into /etc/httpd/ssl.key/
    NOTE: All three files: the ssl.key, public.crt and Intermediate.crt must be saved in the same directory.
  7. Open the Server Admin Utility, click Web on the far left, then Sites from the tabs at the top.
  8. Double-click on the domain that you want to set up SSL on, and then click the Security tab.
  9. Change the pass phrase to the private key pass phrase you set up when you created the private key.
  10. Set the paths for the following:

    Certificate file - cert.crt

    Key file - private.key

    CA file - intermediate.crt

     
  11. Restart the webserver.
  12. Verify your installation with the Symantec Installation Checker