This document provides instructions for installing SSL Certificate for MAC OS X 10.3. If you are not able to follow these steps, Symantec recommends that you contact Apple.
The OS X Server makes setting up SSL quick and easy. While the set up is similar to the procedure you would follow for Apache mod_SSL, manually updating the httpd.conf folder is not required. OS X Server provies a GUI interface that will allow you to bypass any of these modifications. The procedure for installing the SSL certificate on a Macintosh OS X Server (v10.3) is provided below:
Step 1: Download the updated intermediate CA certificate
- Download the Intermediate CA certificate from this link.
- Select the appropriate Intermediate CA certificate for your SSL Certificate type.
NOTE: If you are not sure which certificate you have purchased, follow these steps.
- Paste the Intermediate CA certificate by using a "simple" text editor like TextEdit.app, nano or vi to avoid adding control characters or special fonts to the certificate file.
- Save the file into /etc/httpd/ssl.crt/intermediate.crt
Step 2: Download and install the SSL certificate
- The Symantec certificate will be sent by email. The certificate will be available as a download link, also as an attachment (Cert.cer), and pasted in the bottom of the email body.
- If copying the certificate imbedded in the body of the email, paste the certificate by using a "simple" text editor like TextEdit.app, nano or vi to avoid adding control characters or special fonts to the certificate file.
The text file should look like:
- Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white spaces, extra line breaks or additional characters have been inadvertently added.
NOTE: Click here to download the certificate from your Managed PKI for SSL subscriber service page.
Please select X.509 as a certificate format and copy only the End Entity Certificate.
- To follow the naming convention for Apache, rename the certificate filename with the .crt extension. For example: public.crt
- Save the Certificate into following directory /etc/httpd/ssl.crt/public.crt
- Save the priavte key file into /etc/httpd/ssl.key/
NOTE: All three files: the ssl.key, public.crt and Intermediate.crt must be saved in the same directory.
- Open the Server Admin Utility, click Web on the far left, then Sites from the tabs at the top.
- Double-click on the domain that you want to set up SSL on, and then click the Security tab.
- Change the pass phrase to the private key pass phrase you set up when you created the private key.
- Set the paths for the following:
Certificate file - cert.crt
Key file - private.key
CA file - intermediate.crt
- Restart the webserver.
- Verify your installation with the Symantec Installation Checker