Importing an ssl certificate into the keychain, Creating a passphrase file – Apple Mac OS X Server (version 10.2.3 or later) User Manual
Page 617
Tools for Advanced Administrators
617
Importing an SSL Certificate Into the Keychain
To import an SSL certificate into a keychain, use the command-line tool certtool. This
continues the configuration of mail service for automatic SSL connections.
1
Log in to the server as root.
2
Open the Terminal application.
3
Go to the directory where the saved certificate file is located.
For example, type cd /private/var/root/Desktop and press Return if the certificate file is saved
on the desktop of the root user.
4
Type the following command and press Return:
certtool i sslcert.txt k=certkc
Using certtool this way imports a certificate from the file named sslcert.txt into the keychain
named certkc.
A message on screen confirms that the certificate was successfully imported.
...certificate successfully imported.
Creating a Passphrase File
To create a passphrase file, you will use TextEdit, then change the privileges of the file using
the Terminal application. This file contains the passphrase you specified when you created
the keychain. The mail service will automatically use the passphrase file to unlock the
keychain that contains the SSL certificate. This concludes configuring mail service for
automatic SSL connections.
1
Log in to the server as root (if you are not already logged in as root).
2
In TextEdit, create a new file and type the passphrase exactly as you entered it when you
created the keychain.
Do not press Return after typing the passphrase.
3
Make the file plain text by choosing Make Plain Text from the Format menu.
4
Save the file, naming it cerkc.pass.
5
Move the file to the root keychain folder.
The path is /private/var/root/Library/Keychains/.
To see the root keychain folder in the Finder, choose Go to Folder from the Go menu, then
type /private/var/root/Library/Keychains/ and click Go.
LL0395.Book Page 617 Wednesday, November 20, 2002 11:44 AM