sslsd-logo

How to generate CSR on MAC OS X lion?

Apple’s Mac OS X Lion is version 10.7 of Apple Computer’s flagship Mac OS X operating system for Macintosh desktop and server computers. The Lion OS release is the eighth update to Mac OS X, superceding the following earlier updates for the operating system: “Cheetah” (v10.0), “Puma” (v10.1), “Jaguar” (v10.2), “Panther” (v10.3), “Tiger” (v10.4), “Leopard” (v10.5) and “Snow Leopard” (v10.6).Among Lion’s many new features is a new dashboard interface called Mission Control, a Launchpad feature that provides instant access to your apps, new Auto Save and Versions features for protecting you from losing work, a new FileVault security feature, an upgraded Mail 5 tool, a new Resume feature, improved capabilities for finding and launching applications, enhanced support for multi-touch gestures and animations, and a new AirDrop file transfer feature that simplifies copying files wirelessly across Mac computers.

Create a Certificate Identity and CSR

    1. Open the Server App.
    2. Under the Hardware Section, select your server and click the Settings tab next to SSL Certificate, click ‘Edit’.
    3. Click the Gear drop-down and select Manage Certificates.
    4. On the SSL Certificate line click the Edit… button.
    5. Click the ‘+’ drop-down menu and choose Create a Certificate Identity.CSR on MAC OS X lionThis will open a Certificate Assistant and you will need to enter the information below on each screen:
      1. Enter the following details on the Create Your Certificate Screen Name: ‘server.example.com’ (this should be the FQDN users will connect with, this should be a domain that you have purchased)
        Identity Type: Self-Signed Root
        Certificate Type: SSL Server
        Check the box Let me override defaultsCSR on MAC OS X lion
      2. You will receive a warning that you are creating a self-signed certificate that won’t be automatically trusted by computers that receive it. Click Continue.CSR on MAC OS X lion
      3. Certificate Information: Leave all items as the default values and click Continue.CSR on MAC OS X lion
      4. Enter your email address and the details for the organization/individual the certificate is being purchased for:
        Email Address: your@emailaddress.com
        Name(Common Name): servername.domain.com
        Organization: Your Company, Inc.
        Organization Unit: IT
        City/Locality: YourCity
        State/Province: YourState
        Country: U.S.CSR on MAC OS X lion
      5. On this screen choose Key Size: 2048 bits, Algorithm: RSA Then click Continue.CSR on MAC OS X lion
      6. Key Usage Extension: Leave all options as defaults and click Continue.CSR on MAC OS X lion
      7. Extended Key Usage Extension: Leave all options as defaults and click Continue.CSR on MAC OS X lion
      8. Basic Constraints Extension: Leave as default option and click Continue.CSR on MAC OS X lion
      9. On the Subject Alternate Name Extension screen choose the following if you are getting a SAN Certificate otherwise click Continue dnsName: Enter additional SAN names you will be securing such as additional subdomains, or other websites (e.g. mail.domain.com, www.domaintwo.com) click Continue.

CSR on MAC OS X lion

You should then see a screen showing “Your Certificate has been successfully created”, and a red warning stating that – This root certificate is not trusted. Click Done.

CSR on MAC OS X lion

You will then receive a message stating ‘Server wants to export key “www.yourdomain.com” from your keychain.’ Click to ‘Allow‘.

CSR on MAC OS X lion

  1. Click the Gear then choose Create Certificate Signing Request…
    This will bring up a windows showing the CSR text, that you can select (Option+a), and copy (Option+c), or click to save the file to upload during the SSL Certificate Purchase Process.CSR on MAC OS X lion
  2. After you receive your SSL Certificate from DigiCert, you can install it.

If you are unable to use these instructions for your server, we recommend that you contact either the vendor of your software or the organization that supports it.

Recent Posts

S/MIME for Outlook O365 Windows

Add to Favorites S/MIME Advantages of S/MIME Certificates S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates offer several advantages when it comes to securing email communications. Here

Read More »

Abbreviations

Add to Favorites There are literally thousands of IT abbreviations out there. Many are concerned with the technical aspects of the computer, while others deal

Read More »

SSL Installation on Qmail

Add to Favorites SSL Installation on Qmail Qmail is a secure, reliable, efficient, simple message transfer agent. It is designed for typical Internet-connected UNIX hosts.

Read More »