
SSL Certificate Advanced Administration - How Does It Work?

Is there any documentation for advanced administration of SSL certificates on Lion Server? I see that Apple's documentation page Lion Server: Advanced Administration covers SSL certs, but makes no mention of creating/signing new certificates with Open Directory in use. I've run into a host of annoyingly simple SSL cert problems that arise from using Apple's defaults -- with apparently no documentation to fix them.


  1. Is it necessary that the server's [LAN FQDN server.computer.private] SSL cert be signed by the automatically created Intermediate CA "server.computer.private OD Intermediate CA"? This CA is created by the Server app Manage>Manage Network Accounts...
  2. How do I create an SSL cert that works for both my computer's LAN FQDN server.computer.private and its internet FQDN mydomainname.com?
  3. If I create a new self-signed certificate when OD is already set up, what must I do?
  4. How do I sign my server's SSL cert using my own root CA?


Whenever I try to change any SSL certs on my own, everything breaks. I have an Apple support account, but Enterprise Support says that these basic questions go beyond the support agreement. Is there documentation anywhere that explains any of these issues? Surely someone has figured out how to set up Lion Server to work securely both on the LAN and the internet, or to use their own root CA.

Mac mini, Mac OS X (10.7.1), 8 GB

Posted on Nov 27, 2011 5:25 PM

4 replies

Dec 19, 2011 12:17 PM in response to realzcubed

I too am interested in this. I seem to be having the same issue. I set up Profile Manager, etc. before when testing. Yesterday I went and purchased a wildcard cert and installed it. Everything was fine until I go to Profile Manager and go to select the cert in "sign configuration profiles". When I enter there all I see is the old self-generated "macserver.local OD intermediate CA" cert. I don't see my new cert at all.



Please clarify.
