29341 Views 3 Replies Latest reply: Jun 10, 2008 10:29 AM by Lawrence Jones1
I am having issue with com.apple.kerberos.kdc certificate(s) as well. I recently setup OS X Server 10.5 with updates to v10.5.2. I cannot get Mail, iCal/CalDAV, Sharing, and other serves to work from my client computers. It appears the issue is related to security and certficates named com.apple.kerberos.kdc & com.apple.systemdefault where the root certificates are self-signed and have the error message, "This root certificate is not trusted". Currently working to resolve this issue. So far it looks like I need to use Certificate Assistant to setup myself as CA (certificate authority) on my server and then set the trust values for the certificate. Since I'm a new comer to OS X Server I am still researching and looking for direction prior to proceeding. I setup OS X 10.5.x server in standard mode using Server Assistant, but expect to eventual switch to advanced mode when I get up to speed with server setting and preferences.
Anyone have any advise on how to resolve this certificate problem?
You should keep them. See this article <http://support.apple.com/kb/TS1452>
I am experiencing the problem that the above article refers to - i.e. when connecting to a computer in the .local domain, I am prompted for a password, rather then being authenticated automatically with Kerberos. However, I have not removed my com.apple.kerberos.kdc certificate or key pair on any of my Macs. Also, I can see that the 'Not Valid Before' date matches when I installed Leopard on that particular computer, which is different for each of my Macs.
So my problem is continuing!...
I have a related question. Because of a security concern, I studied keychain access entries offline, found these certificates marked "This root certificate is not trusted":
Absent any other clues, I deleted them before reconnecting to the network. I see no consequence yet, but now I find
which says do not delete these.
1. What is the consequence of deletion?
2. How do I restore them short of reinstalling 10.5 (please, not that!)?