Manualshelf

User manual

ManualsBrandsApple ManualsSoftwareMac OS X Server Java Application Server Administration For Version 10.3 or Later
41424344454647484950
Table Of Contents
Chapter 5 Secure Sockets Layer (SSL) 47
The default certificate format for SSLeay/OpenSSL is PEM, which actually is Base64
encoded DER with header and footer line. For more about the certificate format, see
www.modssl.org.
After you’ve completed the process, you’ll receive an email message that contains a
Secure Server ID. This is your server certificate. When you receive the certificate, save it
to your web server’s hard disk as a file named server.crt.
Important: Be sure to make a copy of the certificate message or file.
Installing the Certificate on Your Server
You can use Server Admin or the command-line tool to specify the certificates for a site.
For instructions on using Server Admin for this purpose, see “Enabling SSL on page 35.
To install an SSL certificate using the command-line tool in the Terminal
application:
1 Log in to your server as the administrator or super user (also known as root).
2 If it doesn’t already exist on your server, create a directory with this name:
/etc/httpd/ssl.crt
3 Copy server.crt (the file that contains your Secure Server ID) to the ssl.crt directory.
Enabling SSL for the Site
1 In Server Admin, click Web in the list for the server you want.
2 Click Settings in the button bar.
3 In the Sites pane, double-click the site where you plan to use the certificate.
4 In the Security pane, select Enable Secure Socket Layer.
5 Type the password from your CSR in the Pass Phrase field.
6 Set the location of the log file that will record SSL transactions.
7 Click the Edit button and paste the text from your certificate file (the certificate you
obtained from the issuing authority) in the Certificate File field.
8 Click the Edit button and paste the text from your key file (the file key.pem, which you
set up earlier) in the Key File field.
9 Click the Edit button and paste the text from the ca.crt file in the CA File field. (This is
an optional file that you may have received from the certificate authority.)
10 Click Save.
11 Stop and then start web service.
LL2350.book Page 47 Friday, August 22, 2003 2:32 PM