HT202529: OS X Server: Renewing Profile Manager's code signing certificate
Learn about OS X Server: Renewing Profile Manager's code signing certificateQ: Running OS X MLS 10.8.4 & received alert to renew CSC, but it only has button to Replace (not Renew) and it does nothing. Trie ... Running OS X MLS 10.8.4 & received alert to renew CSC, but it only has button to Replace (not Renew) and it does nothing. Tried steps for Lion but says it can't find the certificate, though it's in Keychain Access. Any advice? more
-
All replies
-
Helpful answers
-
Jul 6, 2013 11:42 PM in response to IDEA Devby LogMeCode3,Two things:
First, (and it sounds like you probably already did this) for Mountain Lion Server, replace "/usr/sbin/certadmin" with "/Applications/Server.app/Contents/ServerRoot/usr/sbin/certadmin".
Second, and equally as important, make sure that the hexadecimal characters at the end do not include the "0x" at the beginning of the base 16 conversion AND that any alpha characters from the hexadecimal set are entered into the command IN LOWER CASE. This is where people are having issues, I believe.
-
Jul 12, 2013 3:51 AM in response to IDEA Devby Mr J Smith,I am having exactly the same issue - trying to research this on the net but every time I keep getting the article saying on MLS just click the renew button - very frustration. I've only got a few weeks to get to the bottom of this problem before the CSC runs out.
-
Jul 12, 2013 3:52 AM in response to LogMeCode3by Mr J Smith,Sorry LogMeCode, these do things dont mean anything to me, are they in direct respose to IDEA Devs post?
-
Jul 12, 2013 7:16 AM in response to LogMeCode3by Mr J Smith,LogMeCode3 I take it all back - it worked a charm!
Just to clarify for any other readers - if your CSC isn't renewing in Mountain Lion Server then follow this support link;
http://support.apple.com/kb/HT5358
but follow the Lion instructions (the long way around) but change the terminal entry to the following;
sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/certadmin --recreate-CA-signed-certificate "myserver.mydomain.com Code Signing Certificate" "IntermediateCA_MYSERVER.MYDOMAIN.COM_1" 192173c1c
Changing your name, trust and hex serial code as appropriate.
Did the job for me - start and ticks for everyone!!
-
Aug 6, 2013 8:19 AM in response to Mr J Smithby Davethenetworkguy,The hexadecimal number you use in the command line needs to be lowercase "4abc4abc" not "4ABC4ABC" otherwise you will get a certificate not found error from the command.
-
Sep 26, 2013 9:44 AM in response to LogMeCode3by eysfilm,Thanks for the tip on using "Lower Case" for the Hex code that is super important. Wasn't working for me at all unti I changed this.
THANKS!!!!!