Q: SSL certificate not used for Server Admin connections
I have a GoDaddy SSL certificate installed on OS X Server 10.11.4. It works fine for the web server (https). Connecting via Server.app offsite, produces a SSL warning and a self-signed certificate. There is a related error consistently in the logs:
servermgr_certs[]: -[CertsRequestHandler(KeychainOpenSSLExport) exportIdentity:]: SecKeychainItemExport(certificateChain) no certificate chain available, defaulting to a leaf cert only
Any suggestions? I've reinstalled the cert...
Mac mini, OS X El Capitan (10.11.4), OS X Server
Posted on Jun 7, 2016 11:15 AM
You need make Server.app aware of the 3rd party certificate. Follow these steps:
1: Open Keychain Access.
2: Select the System keychain from the list of keychains.
3: Find the com.apple.servermgrd identity preference and double click it.
4: Select your 3rd party SSL certificate from the Preferred Certificate popup menu.
5: Press the Save Changes button. You will be prompted to authenticate.
6: Reboot the server or restart the servermgrd process to activate the changes.
Now when connecting to the server from a remote device using Server.app, you will connect using your 3rd party valid SSL cert and avoid the errors.
Reid
Apple Consultants Network
Author - "El Capitan Server – Foundation Services"
Author - "El Capitan Server – Control & Collaboration"
Author - "El Capitan Server – Advanced Services"
:: Exclusively available in Apple's iBooks Store
Posted on Jun 9, 2016 9:01 AM