[MacTUG] OS X Server and Importing Security Certificates
Ian Turner
iturner at uwaterloo.ca
Thu Nov 15 11:21:08 EST 2007
it's even simpler, just have the stuff on your desktop and do the
"import" - it will create the files it wants in /etc/
Possible issues are permissions, and that if you have the "original"
already in etc, it will maybe try to overwrite
and make sure there is a Thawte "master" already in your certificate
stores - I think you check that with Keychain app
see
https://www.cs.uwaterloo.ca/twiki/view/CF/ADMacInteg
the section on configuring Secure LDAP
Jeff Dunnett wrote:
> Hello,
>
> I was wondering if I might be able to call upon the collective expertise
> of the group. I am having problems installing a Thwate security
> certificate obtained through IST on our Tiger server. Maybe it is
> because of my inexperience with this sys admin operation. Maybe I am
> doing something wrong. Maybe it is some kind of problem I am not seeing.
>
> I have in /private/etc/certificates three files:
>
> cemc.math.uwaterloo.ca.crt (which contains the cert
> http://ist.uwaterloo.ca/security/IST-CA/certs/59315.7.60540.7.pem)
>
> cemc.math.uwwaterloo.ca.key (which contains the private key)
>
> cemc.math.uwaterloo.ca.chcrt (which is the security authority file)
>
> I have tried a number of ways for installing the certificate:
>
> 1) Manually adding a new cert by going into Server Admin tools by
> clicking on the 'plus button'. Then typing in the information contained
> in the certificate (.crt file) manually (i.e. Common Name, City etc).
> Then clicking on adding signed certificate then cutting and pasting the
> information between the (start certificate and end certificate) from the
> .crt file. The problem is that it says there is an error writing the
> settings and then shows the authority as self-signed.
>
> 2) I have tried imporitng the certificate by clicking on the 'import'
> button. Then giving the Certificate File as
> /private/etc/certificate/cemc.math.uwaterloo.crt. The Private Key File
> as /private/etc/certificate/cemc.math.uwaterloo.key and the Certificate
> Authority File as /private/etc/certificate/cemc.math.uwaterloo.chcrt. I
> leave the Private Key Passphrase as blank because I am pretty sure there
> isn't one. I get a message saying "Certificate Import Failed make sure
> that the values you entered are correct and that the certificate files
> on the server are valid."
>
> Does it seem like I am doing anything wrong? I am a little stumped at
> this point.
>
> Regards,
> Jeff
>
>
>
>
>
> _______________________________________________
> MacTUG mailing list
> MacTUG at lists.uwaterloo.ca
> https://lists.uwaterloo.ca/mailman/listinfo/mactug
More information about the MacTUG
mailing list