Certificate Signing Request (CSR) Generation Instructions for Apple Mac OS X Server 10.7

Solution ID:    SO20050    Updated:    07/27/2016


This document provides instructions how to generate certificate signing request (CSR) for Apple Mac OS X Server 10.7. If this document can not be used on the server, please contact Apple Support.

Step 1: Start Profile Manager

  1. Login to the server, and in the Services list, click Profile Manager.
  2. Make sure to Click Settings option, then click on Edit button.

  3. In the Manage Certificates screen, click on the plus sign and choose Create a Certificate Identity.

  4. Please make sure to tick SSL Server in the Certificate Type. Also enter a name for the certificate for reference.

  5. This step would create a self-signed certificate, which is required before you can generate a new CSR.


Step 2: Generate the CSR

  1. In the Certificate Information page, leave the value as default.

  2. Next please enter the distinguish name of your CSR

  3. Select keysize as 2048 bit.

  4. Leave the key extension as default.

  5. Leave the Basic Constraints value as default.

  6. If prompted for Subject Alternative Names, leave this section blank.  Now you would see a certificate summary page.

  7. Click on "Allow" to export the key

  8. Go back to server.app and then Manage certificates
  9. Now click on Create Certificate Signing Request (CSR) as shown in the diagram below.

  10. A CSR should be displayed at this stage.

  11. Use this CSR for enrolment of the SSL certificate.

            NOTE: During the enrolment open the file you created from the above steps and copy the contents into the enrollment form when requested for the CSR. 

 Back up your Private Key

           RapidSSL recommends backing up the .key file and storing of the corresponding pass phrase.  A good choice is to create a copy of this file onto a removable media. While backing up the private key is not required, having one will be helpful in the instance of server failure.

Contact Information

            During the verification process, RapidSSL may need to contact your organization.  Be sure to provide an email address, phone number and fax number that will be checked and responded to quickly. These fields are not part of the certificate.

Once the certificate has been issued, refer to this link for installation instructions.



RapidSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, RapidSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. RapidSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.  Further, RapidSSL assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. RapidSSL reserves the right to make changes to any information herein without further notice.

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Find Answers

Search Tips