Don's Home Technology Macintosh Digital Certificates Contact

Applications > Utilities > Keychain Access > Certificate Assistant

Create a certificate for yourself ("self-signed" certificate.)
Create your Certificate Authority (CA) to issue certificates to others.
Request a certificate frrom a CA
View and evaluate certificates you receive from others.

Get notarized and a thawte account.

When notarized you will get an email with a link to the page to request a certificate>

Your Personal Certificate will contain a public key. People will use that public key to encrypt information for your eyes only. To request a generic X.509 certificate you need to be able to generate and manage private keys manually, as well as generate PKCS#10 Certificate Signing Requests (CSR's) with arbitrary Distinguished Names.

See Getting a Thawte Web of Trust (WOT) certificate
See How to setup to use a Thawte Certificate for details. The basic process goes as follows:

  1. Steps skipped here see How to setup to use a Thawte Certificate
  2. The procedure is as follows:
       1. Generate your private key pair.
       2. Generate a CSR. Set the CommonName (sometimes called the "Domain Name" by server SSL key management packages) attribute to the following string (case sentitive):
       3. Paste the CSR into the space below.
          Paste PKCS#10 CSR here. Include BEGIN and END lines in their entirety.
          |Paste PKCS#10 CSR here.                                 |
          |Include BEGIN and END lines in their entirety.          |
          |                                                        |
          |                                                        |
  3. Start Keychain Access (utilities)
    Select Certificate Assistant in Keychain Access menu.
    Specify Request a certificate from a CA.
    You'll get email with a certificate.
    Paste it in the above window on the thawte page.
Setting up a Thawte Web of Trust (WOT) certificate for Mac Mail
Other Links:

last updated 6 Dec 2008