Obtaining an SSL Certificate

After generating a CSR and a keychain, you continue configuring Mail service for automatic SSL connections by purchasing an SSL certificate from a certificate authority such as Verisign or Thawte. You can do this by completing a form on the certificate authority’s website. When prompted for your CSR, open the csr.txt file using a text editor such as TextEdit. Then copy and paste the contents of the file into the appropriate field on the certificate authority’s website. The websites for these certificate authorities are at

www.verisign.com

www.thawte.com

When you receive your certificate, save it in a text file named sslcert.txt. You can save this file with the TextEdit application. Make sure the file is plain text, not rich text, and contains only the certificate text.

Importing an SSL Certificate Into the Keychain

To import an SSL certificate into a keychain, use the command-line tool certtool. This continues the configuration of Mail service for automatic SSL connections.

1Log in to the server as root.

2Open the Terminal application.

3Go to the directory where the saved certificate file is located.

For example, type cd /private/var/root/Desktop and press Return if the certificate file is saved on the desktop of the root user.

4Type the following command and press Return:

certtool i sslcert.txt k=certkc

Using certtool this way imports a certificate from the file named sslcert.txt into the keychain named certkc.

A message on screen confirms that the certificate was successfully imported.

...certificate successfully imported.

Chapter 11 Working With Mail Service

121

Page 121
Image 121
Apple oxs manual Obtaining an SSL Certificate, Importing an SSL Certificate Into the Keychain