Creating a Self-Signed Certificate
A
When you create a
If you’re using a
To create a self-signed certificate:
1In Server Admin, select the server that has services that support SSL.
2Click Certificates.
3Click the Add (+) button and choose Create a Certificate Identity.
Certificate Assistant launches, populated with information needed to generate the certificate.
4If you override the defaults, choose “Let me override defaults” and follow the onscreen instructions.
5When finished, click Continue.
6Confirm the certificate creation by clicking Continue.
The Certificate Assistant generates a key pair and certificate. Certificate Manager encrypts the files with a random passphrase, puts the passphrase in the System keychain, and puts the resulting PEM files in /etc/certificates/.
Requesting a Certificate from a Certificate Authority
Certificate Manager helps you create a CSR to send to your designated CA.
You need a certificate for the CA to sign. You can use the one that was generated at server setup, but more likely you will want to generate one that has all the details the CA requires before signing. If you need to generate a certificate before getting it signed, see “Creating a
To request a signed certificate:
1In Server Admin, select the server that has services that support SSL.
2Click Certificates.
3Select the certificate you want signed.
Chapter 4 Enhancing Security
65
