System information

159Chapter 10 Managing Server Information

To use an SSL certicate:

1 In the Information pane of Server Preferences, click the Edit button to the right of SSL

Certicate.

2 Select “Use SSL certicate” and then choose an available certicate from the top part of

the pop-up menu.

If the pop-up menu doesn’t contain any certicates, you can create a self-signed

certicate. For instructions, search Server Preferences Help for “self-signed certicate.”

If you want to use a previously generated SSL certicate, you can import it.

For instructions, search Server Preferences Help for “importing a certicate.”

You can use the self-signed certicate created for your server when you set it up, or

a self-signed certicate you created, but users’ applications won’t automatically trust

either of these and will display messages asking if the user trusts your certicate.

Using a signed certicate relieves users from the uncertainty and tedium of manually

accepting your certicate in these messages. In addition, a man-in-the-middle spoong

attack is possible with a self-signed certicate, but not with a signed certicate, and

that means users can trust the services they are accessing. See “Obtaining a Signed

Certicate” on page 15 9 and “Replacing a Self-Signed Certicate” on page 161.

Obtaining a Signed Certicate

You can use a self-signed certicate to obtain a signed certicate from a known

certicate authority. A self-signed certicate usually isn’t trusted automatically, but

a signed certicate usually is. Services that can use SSL certicates need a trusted

certicate to securely communicate with users’ applications and other servers.