[MacTUG] OS X Server and Importing Security Certificates

Ian Turner iturner at uwaterloo.ca
Thu Nov 15 11:21:08 EST 2007 

it's even simpler, just have the stuff on your desktop and do the 
"import" - it will create the files it wants in /etc/
Possible issues are permissions, and that if you have the "original" 
already in etc, it will maybe try to overwrite

and make sure there is a Thawte "master" already in your certificate 
stores - I think you check that with Keychain app

see
https://www.cs.uwaterloo.ca/twiki/view/CF/ADMacInteg

the section on configuring Secure LDAP

Jeff Dunnett wrote:
> Hello,
> 
> I was wondering if I might be able to call upon the collective expertise 
> of the group.  I am having problems installing a Thwate security 
> certificate obtained through IST on our Tiger server.  Maybe it is 
> because of my inexperience with this sys admin operation.  Maybe I am 
> doing something wrong.  Maybe it is some kind of problem I am not seeing.
> 
> I have in /private/etc/certificates three files:
> 
> cemc.math.uwaterloo.ca.crt (which contains the cert 
> http://ist.uwaterloo.ca/security/IST-CA/certs/59315.7.60540.7.pem)
> 
> cemc.math.uwwaterloo.ca.key (which contains the private key)
> 
> cemc.math.uwaterloo.ca.chcrt (which is the security authority file)
> 
> I have tried a number of ways for installing the certificate:
> 
> 1) Manually adding a new cert by going into Server Admin tools by 
> clicking on the 'plus button'.  Then typing in the information contained 
> in the certificate (.crt file) manually (i.e. Common Name, City etc).  
> Then clicking on adding signed certificate then cutting and pasting the 
> information between the (start certificate and end certificate) from the 
> .crt file.  The problem is that it says there is an error writing the 
> settings and then shows the authority as self-signed.
> 
> 2) I have tried imporitng the certificate by clicking on the 'import' 
> button.  Then giving the Certificate File as 
> /private/etc/certificate/cemc.math.uwaterloo.crt.   The Private Key File 
> as /private/etc/certificate/cemc.math.uwaterloo.key and the Certificate 
> Authority File as /private/etc/certificate/cemc.math.uwaterloo.chcrt.  I 
> leave the Private Key Passphrase as blank because I am pretty sure there 
> isn't one.  I get a message saying "Certificate Import Failed make sure 
> that the values you entered are correct and that the certificate files 
> on the server are valid."
> 
> Does it seem like I am doing anything wrong?  I am a little stumped at 
> this point.
> 
> Regards,
> Jeff
> 
> 
> 
> 
> 
> _______________________________________________
> MacTUG mailing list
> MacTUG at lists.uwaterloo.ca
> https://lists.uwaterloo.ca/mailman/listinfo/mactug

More information about the MacTUG mailing list