ÂÂ To export a certificate to OpenSSL:

$ sudo certadmin export

For more information, see the certadmin man page. You can also access the System keychain locally from Keychain Access.

Creating a Password File from the Command Line

The password file contains the password you specified when you created the keychain. Mail service uses the password file to unlock the keychain that contains the SSL certificate.

Creating the Password File in the Keychain

1Log in to the server as root.

2In TextEdit, create a file and enter the password as you entered it when you created the keychain.

Don’t press Return after entering the password.

3Make the file plain text by choosing Make Plain Text from the Format menu.

4Save the file, naming it cerkc.pass.

5Move the file to the root keychain folder.

The path is /private/var/root/Library/Keychains/.

To see the root keychain folder in the Finder, choose Go to Folder from the Go menu, enter /private/var/root/Library/Keychains/, and then click Go.

6In the Terminal application, change the access privileges to the password file so only root can read and write to this file.

Do this by entering the following commands, pressing Return after each one:

cd /private/var/root/Library/Keychains/ chmod 600 certkc.pass

Mail service can now use SSL for secure IMAP connections.

7Log out from the server.

Note: If Mail service is running, stop it and start it again so it recognizes the new certificate keychain.

Mail service is now configured for automatic SSL connections.

72

Chapter 3    Mail Service Advanced Configuration

Page 72
Image 72
Apple 10.6 manual Creating a Password File from the Command Line, Creating the Password File in the Keychain