Applications > Utilities > Keychain Access > Certificate Assistant
Create a certificate for yourself ("self-signed" certificate.)
Create your Certificate Authority (CA) to issue certificates to others.
Request a certificate frrom a CA
View and evaluate certificates you receive from others.
Get notarized and a thawte account.
When notarized you will get an email with a link to the page to request a certificate>
Your Personal Certificate will contain a public key. People will use that public key to encrypt information for your eyes only. To request a generic X.509 certificate you need to be able to generate and manage private keys manually, as well as generate PKCS#10 Certificate Signing Requests (CSR's) with arbitrary Distinguished Names.
See Getting a Thawte Web of Trust (WOT) certificate
See How to setup mail.app to use a Thawte Certificate for details. The basic process goes as follows:
Setting up a Thawte Web of Trust (WOT) certificate for Mac Mail
- Steps skipped here see How to setup mail.app to use a Thawte Certificate
The procedure is as follows:
1. Generate your private key pair.
2. Generate a CSR. Set the CommonName (sometimes called the "Domain Name" by server SSL key management packages) attribute to the following string (case sentitive):
3. Paste the CSR into the space below.
Paste PKCS#10 CSR here. Include BEGIN and END lines in their entirety.
|Paste PKCS#10 CSR here. |
|Include BEGIN and END lines in their entirety. |
Start Keychain Access (utilities)
Select Certificate Assistant in Keychain Access menu.
Specify Request a certificate from a CA.
You'll get email with a certificate.
Paste it in the above window on the thawte page.
last updated 6 Dec 2008