We have a new 10.8 server that we are currently using for iChat/Messages service. We have created a self signed certificate to encrypt the traffic to the Messages service since we have the service accessible for internet and phone users. We use network accounts and users need to log in on several different machines when in the office.
Can anyone suggest how to tell a client machine to trust the certificate for all users?
Currently, each user is asked to trust the certificate on each client they log into.
I have imported the server certificate into the client's system keychain in Kechain Access and asked it to trust the certificate for all items manually. This does not appear to allow all users to trust the certificate since subsequent users who have not yet trusted the certificate on the test client are still asked to confirm trust. When opening the iChat.app the users are still propmpted to verify the certificate which now indicates that it is trusted for all users.
- Drag certificate from verification dialog.
- Import into System Keychain
- Select certificate in System Keychain and select "i" button at bottom of window.
- Set all items to always trust.