beautypg.com

Using ssl for remote server administration, Managing sharing – Apple Mac OS X Server (Version 10.6 Snow Leopard) User Manual

Page 148

background image

Using SSL for Remote Server Administration

You can control the level of security of communications between Server Admin and
remote servers by choosing Server Admin > Preferences.

By default, Server Admin treats communications with remote servers as encrypted
using SSL. This uses a self-signed 128-bit certificate installed in /etc/servermgrd/ssl.crt
when you install the server. Communications use HTTPS (port 311). If this option isn’t
possible, HTTP (port 687) is used and clear text is sent between Server Admin and the
remote server.

If you want a greater level of security, also select “Require valid digital signature (SSL).”
By default, “Require valid digital signature (SSL)” is disabled. This option uses an SSL
certificate installed on a remote server to ensure that the remote server is a valid
server.

Before enabling this option, use the instructions in “Requesting a Certificate from a
Certificate Authority” on page 65 for generating a CSR, obtaining an SSL certificate
from an issuing authority, and installing the certificate on each remote server.

Instead of placing files in /etc/httpd/, place them in /etc/servermgrd/. You can also
generate a self-signed certificate and install it on the remote server.

You can use Server Admin to set up and manage self-signed or -issued SSL certificates
used by mail, web, Open Directory, and other services that support them.

“Certificate Manager in Server Admin” on page 62 provides instructions for using
Server Admin to create, organize, and use security certificates for SSL-enabled services.
Individual service administration guides describe how to configure specific services to
use SSL.

If you’re interested in higher levels of SSL authentication, see the information at
www.modssl.org.

Managing Sharing

To work with share points and access control lists, click the File Sharing icon in the
Server Admin toolbar. Learn more in the online help and Mac OS X Server Resources
website at www.apple.com/server/macosx/resources/.

148

Chapter 7

Ongoing System Management

See also other documents in the category Apple Software: