122

Creating a Passphrase File

To create a passphrase file, you will use TextEdit, then change the privileges of the file using the Terminal application. This file contains the passphrase you specified when you created the keychain. Mail service will automatically use the passphrase file to unlock the keychain that contains the SSL certificate. This concludes configuring Mail service for automatic SSL connections.

1Log in to the server as root (if you’re not already logged in as root).

2In TextEdit, create a new file and type the passphrase exactly as you entered it when you created the keychain.

Don’t press Return after typing the passphrase.

3Make the file plain text by choosing Make Plain Text from the Format menu.

4Save the file, naming it cerkc.pass.

5Move the file to the root keychain folder.

The path is /private/var/root/Library/Keychains/.

To see the root keychain folder in the Finder, choose Go to Folder from the Go menu, then type /private/var/root/Library/Keychains/ and click Go.

6In the Terminal application, change the access privileges to the passphrase file so only root can read and write to this file.

Do this by typing the following two commands, pressing Return after each one:

cd /private/var/root/Library/Keychains/

chmod 600 certkc.pass

Mail service of Mac OS X Server can now use SSL for secure IMAP connections.

7Log out as root.

Note: If Mail service is running, you need to stop it and start it again to make it recognize the new certificate keychain.

Setting Up SSL for Mail Service on a Headless Server

If you want to set up SSL for Mail service on a server that doesn’t have a display, first follow the instructions in the sections:

“Generating a CSR and Creating a Keychain” on page 119

“Obtaining an SSL Certificate” on page 121

“Importing an SSL Certificate Into the Keychain” on page 121

“Creating a Passphrase File” on this page

Then copy the keychain file “certkc” and the keychain passphrase file “certkc.pass” to the root keychain folder on the headless server. The path on the headless server is /private/var/root/Library/Keychains/.

Chapter 11 Working With Mail Service

Page 122
Image 122
Apple oxs manual Creating a Passphrase File, Setting Up SSL for Mail Service on a Headless Server