The Server Admin interface is shown below, with Certificates selected.

Certificate Manager provides integrated management of SSL certificates in

Mac OS X Server for services that allow the use of SSL certificates. On installation, the server creates a self-signed certificate for immediate use from information you put in during server setup.

Certificate Manager uses Mac OS X’s Certificate Assistant to create self-signed certificates and certificate-signing requests (CSRs) to obtain certificates signed by a CA. The certificates, self-signed or signed by a CA, are then accessible by services that support SSL.

Certificate Manager in Server Admin doesn’t allow you to sign and issue certificates as a CA, nor does it allow you to sign and issue certificates as a root authority. If you need these functions, you can use Certificate Assistant in Keychain Access (located in /Applications/Utilities/). It provides these capabilities and others for working with x.509 certificates.

Identities that were created and stored in OpenSSL files can also be imported into Certificate Manager. They are accessible to services that support SSL. Self-signed and CA-issued certificates you created in CA Assistant can be used in Certificate Manager by importing the certificate.

Certificate Manager displays the following for each certificate: ÂÂ The domain name the certificate was issued for

ÂÂ The expiration date of the certificate

ÂÂ When selected, the detailed contents of the certificate

Chapter 4    Enhancing Security

63

Page 63
Image 63
Apple 10.6 manual Enhancing Security