Chapter 4 Enhancing Security 63
The Server Admin interface is shown below, with Certicates selected.
Certicate Manager provides integrated management of SSL certicates in
Mac OS X Server for services that allow the use of SSL certicates. On installation,
the server creates a self-signed certicate for immediate use from information you
put in during server setup.
Certicate Manager uses Mac OS X’s Certicate Assistant to create self-signed
certicates and certicate-signing requests (CSRs) to obtain certicates signed by a
CA. The certicates, self-signed or signed by a CA, are then accessible by services that
support SSL.
Certicate Manager in Server Admin doesn’t allow you to sign and issue certicates
as a CA, nor does it allow you to sign and issue certicates as a root authority. If you
need these functions, you can use Certicate Assistant in Keychain Access (located in
/Applications/Utilities/). It provides these capabilities and others for working with x.509
certicates.
Identities that were created and stored in OpenSSL les can also be imported into
Certicate Manager. They are accessible to services that support SSL. Self-signed and
CA-issued certicates you created in CA Assistant can be used in Certicate Manager
by importing the certicate.
Certicate Manager displays the following for each certicate:
The domain name the certicate was issued for Â
The expiration date of the certicate Â
When selected, the detailed contents of the certicate Â
