Entrust Certificate Services Support Knowledge BaseLast Modified: 2017-03-02 15:30:20.0
Entrust Datacard SSL/TLS Certificate Installation Instructions - Mac OS X 10.7 server and up
Article Number: 46437
Before you begin...
- Never share private keys files.
- If you plan on using the same certificate on multiple servers always transfer the private key using a secure method (e-mail is not considered a secure method of transfer).
- It is best practice to ensure that you have current and up to date Ciphers and Protocols to ensure the best security when deploying a new Private key and Server Certificate.
- Make sure you run the SSL Server Test at the end of the installation process to check your certificate configuration against SSL/TLS Best Practices.
- For more information on SSL/TLS Best Practices, click here.
- Download the certificate file from certificate pick up link. The file format for downloaded file is in zip compressed file. You need to extract all the certificate files by using any unzip tool. Such as built-in tool on Windows OS, Winzip, 7Zip etc.
- The installation steps below are only valid for OS X Server version 10.7 and above. The example below is using OS X Server version 10.11 (El Capitane Server ver 4.0).
1. Launch the keychain access management console from the finder. Click on the Spotlight icon on the top right hand corner of the screen and type keychain access.
2. Unlock the System keychain. Right click on the System and select Unlock Keychain “System”.
3. Enter your admin password.
4. If the system keychain has been unlocked successfully, you should be able to see the padlock image has changed to an opened padlock.
5. Open the folder where you save the Entrust SSL/TLS certificate files and drag the intermediate1.crt file into the system keychain.
The Intermediate certificate is now installed to your server.
1. Launch the server app from Application section on your OS.
2. Select Certificate on the left column and you should see a pending request show inside Trusted Certificates section.
3. Double click on pending request. Drag the servercertificate.crt to the certificate files box.
The server certificate is now installed to your server.
1. Go back to Server app console then select Website category on the left column. The websites window will open. Under the website section, you should see two entries: "Server Website" and "Server Website (SSL)", Double click on "Server Website (SSL)".
2. Click on arrow button next to "SSL Certificate" field to change the value from Self-signed certificate Entrust SSL/TLS Certificate (e.g. Entrust Certificate Authority - L1K)
3. Restart the web server by sliding the switch off and then on again from the top right of the main websites window.
|Your SSL/TLS certificate installation is now complete.|
Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
|Australia||0011 - 800-3687-7863|
|Austria||00 - 800-3687-7863|
|Belgium||00 - 800-3687-7863|
|Denmark||00 - 800-3687-7863|
|Finland||990 - 800-3687-7863 (Telecom Finland)|
00 - 800-3687-7863 (Finnet)
|France||00 - 800-3687-7863|
|Germany||00 - 800-3687-7863|
|Hong Kong||001 - 800-3687-7863 (Voice)|
002 - 800-3687-7863 (Fax)
|Ireland||00 - 800-3687-7863|
|Israel||014 - 800-3687-7863|
|Italy||00 - 800-3687-7863|
|Japan||001 - 800-3687-7863 (KDD)|
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
|Korea||001 - 800-3687-7863 (Korea Telecom)|
002 - 800-3687-7863 (Dacom)
|Malaysia||00 - 800-3687-7863|
|Netherlands||00 - 800-3687-7863|
|New Zealand||00 - 800-3687-7863|
|Norway||00 - 800-3687-7863|
|Singapore||001 - 800-3687-7863|
|Spain||00 - 800-3687-7863|
|Sweden||00 - 800-3687-7863 (Telia)|
00 - 800-3687-7863 (Tele2)
|Switzerland||00 - 800-3687-7863|
|Taiwan||00 - 800-3687-7863|
|United Kingdom||00 - 800-3687-7863|
0800 121 6078
+44 (0) 118 953 3088