10.3: Obtaining server SSL certificates
I don't know if this is applicable, but there's a lot of talk about SSL certificates, so I thought I'd add this tidbit. If Safari or Mail.app constantly warns you that it does not recognize a certificate, you can use the previously posted hints to install that certificate or its signing certificate into Mac OS X to eliminate the warning. To do that, however, you need to have the certificate. Here's an easy way to get the certificate itself: open a Terminal window and type the following:
  openssl s_client -showcerts -connect hostname.com:port
For example, if you wanted to get the certificate for www.verisign.com, you'd do this:
  openssl s_client -showcerts -connect www.verisign.com:443
You will see quite a bit of output from this, but the first block beginning with -----BEGIN CERTIFICATE----- is the certificate for the server. Copy everything from (including) the BEGIN CERTIFICATE line to the corresponding END CERTIFICATE line, and save it into a file that ends with .cer. Now you've got a certificate file for that server! Follow the previous hints to install it in the appropriate Keychain.
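
The copy-and-paste step above can be scripted. The following is an added example, not part of the original hint: the function names `nth_cert`, `fetch_cert` and `sample_output` are made up here, and the sample output is constructed. It goes slightly beyond the hint by selecting any certificate in the chain (block 1 is the server's own, later blocks are signing certificates) and by printing the SHA-256 fingerprint so the file can be compared with a value from the server's operator before it is trusted.

```shell
#!/bin/sh
# Added example; function names and the sample output are constructed for illustration.

# nth_cert [N]: read `openssl s_client -showcerts` output on stdin and print
# only the Nth PEM block (default 1, the server's own certificate).
nth_cert() {
    awk -v want="${1:-1}" '
        /-----BEGIN CERTIFICATE-----/            { n++ }
        n == want                                { print }
        /-----END CERTIFICATE-----/ && n == want { exit }
    '
}

# fetch_cert HOST PORT OUTFILE [N]: save one certificate and print its details.
fetch_cert() {
    # </dev/null lets s_client exit after the handshake instead of waiting for input.
    openssl s_client -showcerts -connect "$1:$2" </dev/null 2>/dev/null \
        | nth_cert "${4:-1}" > "$3"
    # An empty file means no certificate came back (wrong port, non-TLS service).
    [ -s "$3" ] || { echo "no certificate received from $1:$2" >&2; return 1; }
    # Subject, issuer, validity and fingerprint, to compare with a value obtained
    # from the server's operator before the file is trusted in a keychain.
    openssl x509 -in "$3" -noout -subject -issuer -dates -fingerprint -sha256
}

# Constructed sample of s_client output (base64 bodies are dummy text, not real certificates).
sample_output() {
    cat <<'EOF'
CONNECTED(00000003)
---
Certificate chain
 0 s:/CN=www.example.test
   i:/CN=Example Test CA
-----BEGIN CERTIFICATE-----
TEVBRi1DT05TVFJVQ1RFRA==
-----END CERTIFICATE-----
 1 s:/CN=Example Test CA
   i:/CN=Example Test CA
-----BEGIN CERTIFICATE-----
Q0EtQ09OU1RSVUNURUQ=
-----END CERTIFICATE-----
---
EOF
}
```

For the hint's own example, `fetch_cert www.verisign.com 443 server.cer` writes the first block to `server.cer`; passing `2` as a fourth argument saves the next certificate in the chain instead.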

10.3: Obtaining server SSL certificates
Authored by: vondrix on Sun, Nov 2 2003 at 5:00PM PST
Instead of searching for the older hints, just double-click on the certificate. After it has installed itself in Keychain, set "When using this certificate" to "Always Trust".

10.3: Obtaining server SSL certificates
Authored by: mamadrum on Wed, Nov 19 2003 at 4:13PM PST
Funny. I found X.509 Anchors keychain locked and I can't unlock it with either my user password or my root password. I'm unable to add certificates to that keychain. Can anybody explain this?

However, I did add my cert to the login keychain and it appeared to work.

--aaron

10.3: Obtaining server SSL certificates
Authored by: dborod on Tue, Nov 4 2003 at 11:35AM PST
This only works if you add it to the 'X509Anchors' keychain. You'll need to add this keychain by selecting the 'Add Keychain...' menu item from the 'File' menu and adding the file from /System/Library/Keychains/

10.3: Obtaining server SSL certificates
Authored by: MattHaffner on Thu, Nov 6 2003 at 3:11PM PST
I didn't need to add this keychain, it was in the dialog for importing already. And, I didn't need to add it for Mail to bypass the launch dialog. However, the chain is not listed in Keychain Access until you do the 'Add...', so you won't be able to view or modify the cert until then.

10.3: Obtaining server SSL certificates
Authored by: mejarvis on Fri, Jan 23 2004 at 1:00AM PST
There is a good deal of comment all over here on how to automate acceptance of these certificates. Unfortunately, it does not all seem to agree, and there are a lot of "Yes, buts...". Would someone kindly condense these and post an authoritative summary? It would be a huge favor.

10.3: Obtaining server SSL certificates
Authored by: zarqman on Tue, Feb 10 2004 at 9:56PM PST
i double-clicked on the .cer file, told it to add it to the X509Anchors keychain, and it worked from there. i tried adding it to my personal keychain, and even with 'always trust' it still didn't work. best of luck....
