This document provides instructions for generating Certificate Signing Request for MAC OS X 10.3. If you are unable to use these instructions for your server, RapidSSL recommends that you contact Apple.
NOTE: To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match.
Step1: Generate the Private Key
1. Log in to the server using the root password and open the Terminal application.
2. At the prompt, type these commands and press Return at the end of each one:
openssl sha1* > rand.dat
openssl genrsa -rand rand.dat -des 2048 > key.pem
3. At the next prompt, type a pass phrase, then press Return.
NOTE: The pass phrase created unlocks the server's certificate key and
will be used when enabling SSL on the web server.
4. If is doesn't already exist on the server, create a folder with the
following name: /etc/httpd/ssl.key/
Step 2: Generate the CSR
1. At the prompt, type the following command and press Return:
openssl req -new -key key.pem -out csr.pem
2. When prompted, enter the following information:
3. To view the content of the CSR use the command:
4. Remember to back up the private key and the CSR to a removable disk in case of server problems.
5. Then open the CSR using a text editor, such as Notepad, and copy and paste the contents of the
CSR into the appropriate text field when requesting a certificate.
6. Remember to include the five dashes before "Begin Certificate Request" and after
"End Certificate Request".
Once the certificate has been issued, refer to this link for installation instructions: SO22533
For more information contact Apple Support.