Filter
Top Products
200 Chapter 12 Working with the Mail Service
Obtaining an SSL Certificate
After generating a CSR and a keychain, you continue configuring mail service for
automatic SSL connections by purchasing an SSL certificate from a certificate authority
such as Verisign or Thawte. You can do this by completing a form on the certificate
authority’s website. When prompted for your CSR, open the csr.txt file using a text
editor, such as TextEdit. Then, copy and paste the contents of the file into the
appropriate field on the certificate authority’s website. The websites for these certificate
authorities are at:
 www.verisign.com
 www.thawte.com
When you receive your certificate, save it in a text file named sslcert.txt. You can save
this file with the TextEdit application. Make sure that the file is plain text, not rich text,
and that it contains only the certificate text.
Importing an SSL Certificate into the Keychain
To import an SSL certificate into a keychain, use the certtool tool. This continues the
configuration of mail service for automatic SSL connections.
To import an SSL certificate into the keychain:
1 Log in to the server as root.
2 Open the Terminal application.
3 Go to the folder where the saved certificate file is located.
For example: Enter cd /private/var/root/Desktop and press Return if the certificate
file is saved on the desktop of the root user.
4 Enter the following command, and then press Return:
$ certtool i sslcert.txt k=certkc
Using certtool this way imports a certificate from the file named sslcert.txt into the
keychain named certkc.
A message on screen confirms that the certificate was successfully imported.
...certificate successfully imported.
Accessing the Server Certificates
Server Admin keeps a centralized store of your server’s certificates for ease of use and
management. You can use certadmin to access this information from the command
line. certadmin manipulates the list of certificates stored in the System keychain.