Certificate Signing Request Help and Installation Guide
For Mac OS X Tiger Server
1) Certificate Signing Request
2) Installation Steps
1) Certificate Signing Request (CSR)
1. Open Server Admin.
2. In the
Computers & Services
list, select the server for which you are requesting a certificate.
3. Click
Settings
.
4. Click
Certificates
.
5. Click the Add (+) button.
6. Fill out identity information. Note that the
common name
is the fully qualified domain name of the server which uses SSL enabled services.
7. Enter starting and ending validity dates.
8. Select a private key size (2048-bit).
9. Enter a passphrase for the private key and click
Save
. This passphrase should be more secure than a normal password. You should use at least 20 characters, including mixed case, numbers, and punctuation. Do not repeat characters and do not use words contained in the dictionary.
10. Click
Request Signed Certificate
. Your CSR will be generated.
11. Follow the onscreen directions for requesting an SSL/TLS certificate from Entrust and submit your SSL/TLS certificate request.
2) Installation Steps
1. When Entrust completes the order, you will receive an email with a certificate pick up link. Select the link and download your certificate files.
2. On Server Admin, click
Add Signed Certificate
.
3. Open your CSR file generated in the previous part. From your CSR file, copy the characters from
==Begin Certificate==
to
==End Certificate==
into the text box.
4. Click
OK
.
5. Click
Save
.
You must now bind the Server Certificate you have just obtained from Entrust to your server.
When the certificate is implemented for the server, you have to tell which Web site will use this certificate. Go in Server Admin > ConnectToYourServer > Web > Settings > Sites (this is the path for Tiger server). Then choose your site from the list and click the edit button, then go to the
Security
tab. Check the
Enable Secure Sockets Layer (SSL)
checkbox and select the certificate from the drop-down list. Click
Save
, then reset your Web server and you are done.