Ask a Question

Certificate Signing Request (CSR) Generation Instructions for MAC OS X 10.3

Solution


This document provides instructions for generating Certificate Signing Request for MAC OS X 10.3. If you are unable to use these instructions for your server, RapidSSL recommends that you contact Apple. 

NOTE: To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match.

Step1: Generate the Private Key

    1.    Log in to the server using the root password and open the Terminal application.

    2.    At the prompt, type these commands and press Return at the end of each one:

           cd

           openssl sha1* > rand.dat

           openssl genrsa -rand rand.dat -des 2048 > key.pem


    3.    At the next prompt, type a pass phrase, then press Return.
           NOTE: The pass phrase created unlocks the server's certificate key and
           will be used when enabling SSL on the web server.
 
    4.    If is doesn't already exist on the server, create a folder with the
           following name: /etc/httpd/ssl.key/


Step 2: Generate the CSR

    1.    At the prompt, type the following command and press Return: 

           openssl req -new -key key.pem -out csr.pem 
 
    2.    When prompted, enter the following information:

  • Country: Country where your organization is located. Two letter abbreviation
  • State: Type the full name of your state.
  • Locality: This is the city your organization is located.
  • Organizational Name: This is the organization that your domain name is registered under.
  • Organizational Unit: Department within organization.
  • Common Name of your web server:  A Fully Qualified Domain Name such as www.domain.com
  • Email Address:  Optional
     

    3.    To view the content of the CSR use the command: 

           cat csr.pem
 
    4.    Remember to back up the private key and the CSR to a removable disk in case of server problems.
 
    5.    Then open the CSR using a text editor, such as Notepad, and copy and paste the contents of the
           CSR into the appropriate text field when requesting a certificate.

    6.    Remember to include the five dashes before "Begin Certificate Request" and after
           "End Certificate Request".  


Once the certificate has been issued, refer to this link for installation instructions: SO22533


Apple

           For more information contact Apple Support.