Manualshelf

Setup guide

ManualsBrandsApple ManualsNetwork CardMac OS X Server
41424344454647484950
4.6.3 Configuring SSL Support
Using SSL to offer a secure communication channel to web visitors requires three
separate files:
A signed server certificate
The server's private key (used to create the Certificate Signing Request)
The certificate of the Certificate Authority that signed our Certificate Signing
Request
After following the instructions of the previous section “Creating an SSL Certificate
for Web Services,” the three necessary files should be located in the CA’s
/usr/share/certs directory. If they were purchased from a commercial CA, the
following instructions will apply. To ready the web server for SSL, open Server
Admin and do the following:
1. Open Server Admin.
2. Click Web in the list for the server you want.
3. Click on the Settings tab.
4. Click on the Sites tab to view a list of sites.
5. Click on the site you want to use SSL, and click on the edit button.
6. In the General Tab, enter the domain name of the site in the Domain
Name field (Remember that this should match the Common Name in the
site's certificate.)
7. Change the port to 443. This is the default port for SSL communication.
8. Click on the Security tab.
9. Check the "Enable Secure Sockets Layer" checkbox.
10. Enter the passphrase for the server certificate in the Pass Phrase entry box.
We now have to copy the information from the three aforementioned files into the
files listed on the Security tab. If you are using self-signed certificates as discussed in
“Creating an SSL Certificate for Web Services,” this can be accomplished as follows:
1. Copy the files server.crt, server.key, and ca.key from the CA to the web
server. Use a removable medium such as a CD or USB Flash memory; do
not copy the files over the network.
2. On the web server, open the server.crt, server.key, and ca.key files with
TextEdit. (Hold down mouse button over icon, click Open With, Other...
and select TextEdit for each of the files.)
3. Click on the pencil (Edit) icon in the Server Admin window’s Web Security
tab next to the Certificate File entry. Copy the entire contents of the
server.crt file into the edit window, and click OK.
42
UNCLASSIFIED