Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 6 subscribers
  • Views 6208 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Question on SSL cert renewal for Mac clients

AWilson

I assume I have to install the SSL cert (new, purchased, not self signed) into IIS (duh) and presumably into the keychains into system on the Mac OS client. I don't really recall this from my Architect so apologies if this has been covered. Does anyone know of a way of deploying it rather than manually adding to keychains? Happy to hear if anyone else has run across this w/ a large Mac deployment talking over SSL and what they did to resolve the stumbling blocks.



This thread was automatically locked due to age.
  • +1

    Morning!

    I use a script to install mine when setting it up the original install. When SSL expires I'll probably create another script to run locally. Depends on how many machines you're talking about of course!

     

    sudo /usr/bin/security add-trusted-cert -d -k /Library/Keychains/System.keychain -r trustAsRoot -p ssl thisisthenameofyourcert.crt

     

    You could use something similar to this? I've included my certs (I have three - two Sophos servers and one intermediary cert) in the same root as the script. This is run through Terminal in my environment but you could approach this differently and wrap the installer into a bundle/package?

     

    Hope this helps?

  • 0 in reply to MichaelMcLannahan

    Thanks for the input -- yep that'd likely do it. We'll see when I get around to upgrading our SGN server. Thanks.

    Alexander

Unfiltered HTML