- Reference 4.1 Describe SSL Certificate Basics
- Reference 4.2 Configuring SSL Certificates
- Reference 4.3 Troubleshooting
- Exercise 4.1 Examine the Default SSL Certificate
- Exercise 4.2 Configure an Open Directory Certificate Authority
- Exercise 4.3 Configure Your Client Computer to Trust an SSL Certificate
This chapter is from the book
This chapter is from the book
This chapter is from the book
Reference 4.3 Troubleshooting
Certificate Assistant uses the IPv4 address of the Mac from which you run the Server app, so if you’re using an administrator computer to configure a remote server and generate a new self-signed certificate, be sure to use the server’s host name and IP address where appropriate.
When you configure your server as an Open Directory server, if you have a self-signed certificate with your server’s host name in the certificate’s Common Name field, the Server app replaces the original self-signed SSL certificate with a new certificate. This new certificate will be signed by a newly created intermediate CA associated with your server’s Open Directory service.
However, if you have a certificate with your server’s host name in the certificate’s Common Name field and the certificate is signed by a CA or an intermediate CA (that is not associated with your Open Directory service), then the Server app doesn’t replace it with a new one signed by the Open Directory intermediate CA (however, the Server app still creates the Open Directory CA and intermediate CA).
Each certificate has an expiration date; if the current date is later than a certificate’s expiration date, the certificate is not valid.
