How can I generate a CA flagged SSL certificate for OS X Server usage?
[I originally posted this in the Yosemite forum as I didn't find the Server forum at the time. Reposting here, as it's where I meant to originally post it]
Hello,
I wish to generate an SSL certificate for OS X Server, WITH the CA flag set to TRUE. The one that is generated by Server by default does not have this flag in place.
I got as far as generating a CA Signing Authority certificate in Keychain Access. I can also then generate a new SSL certificate with the CA flag set. But I have not been able to get that certificate to be utilised by Server. I've tried many routes to do so. Including exporting it from Kaychain and importing it to Server Certificates manager. But it still uses the prior certificate. If I delete that prior certificate in Keychain, Server detects it is missing and the drops back to using the "Server Fallback SSL certificate - Self-signed". If I tell it to use the certificate I generated and imported it results in the message,
Additional access is required to use the selected certificate.
Server cannot access the private key for this certificate. To grant access, click Continue and enter your user name and password when prompted.
I click CONTINUE, and it goes to the message:
Services could not be configured to use this certificate.
The certificate could not be exported, and cannot be used to configure services.
Would someone experienced with such things please advise how I might go about doing this.
My issue is that Android will not accept/trust certificates that don't have the CA Flag = TRUE. So I need to get this in place in order to import the certificate for my local server into Android devices that I want to use for accessing the Server (such as CalDAV and CardDAV).
Thank you.