How do I install a Globalsign certificate?

Question

Level 1

29 points

How do I install a Globalsign certificate?

I just do not understand the ServerAdmin Certificate management. I ordered a new DomainSSL certificate for my web server. So far so good. When I click on import certificate, ServerAdmin wants my certificate file, a private key file, a CA file (optionally as far as I understand) and the password for the private key.

GlobalSign offers me: the certificate in PEM format and in PCS7 format with root certificates integrated. Additionally i get a PKCS12 file, which I understand is the private key file. Can anybody tell me which file goes where? I tried every possible combination, but without success. What am I doing wrong? To make matters worse, I couldn't find any documentation on Apple's side on this.

Totally mixed up 😕

Posted on Sep 27, 2011 11:06 AM

Reply

Answer 1

Semmelrocc Author

Level 1

29 points

Sep 28, 2011 5:59 AM in response to Semmelrocc

Now in order to give myself and whoever is interested the correct answer:

1. The certificate in PEM format goes into the first field "Certificate file".

2a. In order to get hands on the private key that is needed in the second field, I had to extract it via the command line from the PKCS12 file. I used the following command:

sudo openssl pkcs12 -in mypkcs12file.p12 -nocerts -out myprivatekey.pem

2b. I then put the resulting "myprivatekey.pem" file into the field "Private key file".

3. I left the field of the CA empty.

4. I entered the passphrase that I had used to create the certificate in the first place, and which had been added some random characters by Globalsign.

5. Ready. Now I can choose and use the certificate with my SSL web sites again.

Reply