Apple’s Mac OS X Lion is version 10.7 of Apple Computer’s flagship Mac OS X operating system for Macintosh desktop and server computers. The Lion OS release is the eighth update to Mac OS X, superceding the following earlier updates for the operating system: “Cheetah” (v10.0), “Puma” (v10.1), “Jaguar” (v10.2), “Panther” (v10.3), “Tiger” (v10.4), “Leopard” (v10.5) and “Snow Leopard” (v10.6).Among Lion’s many new features is a new dashboard interface called Mission Control, a Launchpad feature that provides instant access to your apps, new Auto Save and Versions features for protecting you from losing work, a new FileVault security feature, an upgraded Mail 5 tool, a new Resume feature, improved capabilities for finding and launching applications, enhanced support for multi-touch gestures and animations, and a new AirDrop file transfer feature that simplifies copying files wirelessly across Mac computers.
Create a Certificate Identity and CSR
-
- Open the Server App.
- Under the Hardware Section, select your server and click the Settings tab next to SSL Certificate, click ‘Edit’.
- Click the Gear drop-down and select Manage Certificates.
- On the SSL Certificate line click the Edit… button.
- Click the ‘+’ drop-down menu and choose Create a Certificate Identity.
This will open a Certificate Assistant and you will need to enter the information below on each screen:
- Enter the following details on the Create Your Certificate Screen Name: ‘server.example.com’ (this should be the FQDN users will connect with, this should be a domain that you have purchased)
Identity Type: Self-Signed Root
Certificate Type: SSL Server
Check the box Let me override defaults
- You will receive a warning that you are creating a self-signed certificate that won’t be automatically trusted by computers that receive it. Click Continue.
- Certificate Information: Leave all items as the default values and click Continue.
- Enter your email address and the details for the organization/individual the certificate is being purchased for:
Email Address: your@emailaddress.com
Name(Common Name): servername.domain.com
Organization: Your Company, Inc.
Organization Unit: IT
City/Locality: YourCity
State/Province: YourState
Country: U.S.
- On this screen choose Key Size: 2048 bits, Algorithm: RSA Then click Continue.
- Key Usage Extension: Leave all options as defaults and click Continue.
- Extended Key Usage Extension: Leave all options as defaults and click Continue.
- Basic Constraints Extension: Leave as default option and click Continue.
- On the Subject Alternate Name Extension screen choose the following if you are getting a SAN Certificate otherwise click Continue dnsName: Enter additional SAN names you will be securing such as additional subdomains, or other websites (e.g. mail.domain.com, www.domaintwo.com) click Continue.
- Enter the following details on the Create Your Certificate Screen Name: ‘server.example.com’ (this should be the FQDN users will connect with, this should be a domain that you have purchased)
You should then see a screen showing “Your Certificate has been successfully created”, and a red warning stating that – This root certificate is not trusted. Click Done.
You will then receive a message stating ‘Server wants to export key “www.yourdomain.com” from your keychain.’ Click to ‘Allow‘.
- Click the Gear then choose Create Certificate Signing Request…
This will bring up a windows showing the CSR text, that you can select (Option+a), and copy (Option+c), or click to save the file to upload during the SSL Certificate Purchase Process.
- After you receive your SSL Certificate from DigiCert, you can install it.
If you are unable to use these instructions for your server, we recommend that you contact either the vendor of your software or the organization that supports it.