This document provides instructions for installing SSL Certificate on MAC OS X Server 10.4 and assumes that you created the Private Key and CSR using command line.
Step 1: Download the Intermediate CA Certificate
1. Download the RapidSSL intermediate CA certificate.
2. Copy and paste the Intermediate CA certificate by using a text editor like TextEdit.app, Nano or Vi to avoid adding control characters or special fonts to the certificate file.
4. Save the file at /etc/httpd/ssl.crt/intermediate.crt
Step 2: Download the RapidSSL certificate
1. The RapidSSL certificate will be sent by email.
2. Copy the certificate imbedded in the body of the email and paste the file by using a "simple" text editor like TextEdit.app, nano or vi to avoid adding control characters or special fonts to the certificate file.
The text file should look like:
3. Make sure there are 5 dashes to either side of the BEGIN CERTIFICATE and END CERTIFICATE and that no white space, extra line breaks or additional characters have been inadvertently added.
NOTE: The certificate can be also downloaded from the RapidSSL User Portal. Please select X.509 as a certificate format and copy only the End Entity Certificate.
4. To follow the naming convention for Apache, rename the certificate filename with the .crt extension.
5. Copy the Certificate into the directory that you will be using to hold the certificates:
For example: /etc/httpd/ssl.crt/public.crt.
Step 3: Assign the new SSL certificate to the web site
1. Open the Server Admin utility.
2. In the Computers & Services column, open out the current server and select Web.
3. In the main section of the Server Admin screen, select the Sites tab and double-click the site being secured with SSL.
4. Select the Security tab, check the box for Enable Secure Sockets Layer (SSL) if not already checked.
NOTE: If you change this selection, the port number the website operates on may change.
5. If you need the website to operate in both http and https mode, you need to create a copy of the site in Server Admin.
6. In the Certificate: dropdown, select Custom Configuration.
7. A dialogue box appears to specify the locations of the certificate and key files
NOTE: The below assumes the file locations and names have been left as recommended:
For 'Certificate File', enter /etc/httpd/ssl.crt/public.crt
For 'Private Key File', enter /etc/httpd/ssl.key/private.key
For 'Certificate Authority File', enter /etc/httpd/ssl.crt/intermediate.crt
For 'Private Key Passphrase', leave empty unless a password has been set on the private key
8. Click OK on the dialog box, click Save on the Server Admin window and click Restart when prompted.
NOTE: If there are any errors during the restart process, review the logs to determine the problem.
The most common issue is an incorrectly specified certificate file or a mismatch between the private key and SSL certificate.
9. To verify if your certificate is installed correctly, use the Installation Checker