[an error occurred while processing this directive] ITS : Getting Help : Help Documents : Set up RIT certificate authority for Mac OS X 10.3 "Panther"

Set up RIT certificate authority for Mac OS X 10.3 "Panther"

What is a Certificate Authority?

A Certificate Authority is a service that issues the certificates needed to run a public key infrastructure. The CA could be an external commercial CA, or it could be a CA run by your company. The certificates enable a user to log on using a smart card, send encrypted e-mail, code-sign documents, and more. Since a CA is an important trust point in an organization, most organizations will have their own CA.

Installing the certificate

To set up the RIT certificate authority in Mac OS X 10.3 "Panther," you will need to take the following steps.

Note: You may also refer to the document on how to set up RIT certificate authority for Mac OS X 10.2 "Jaguar." While these instructions will work for Mac OS X 10.3, the instructions for Jaguar will also work in Panther.

To use these instructions:

  • You should be logged in as an administrator on the Mac OS X computer.
  • The computer must be connected to the Internet.

Import the RIT certificate authority as follows:

  1. Download the certificate file from http://www.rit.edu/cgi-bin/loadcert.cgi in a Web browser. The file will be saved to your Desktop by default.
  2. Find the certificate file. It will appear on your Desktop unless you have changed the default location for downloaded files.
  3. Rename the file to "ritca.cer" from "loadcert."
    Note: Files with the extension ".cer" are associated with the Keychain Access utility.
  4. Click on the "Add" button when the Finder asks you if you want to add the ".cer" extension to the file.
  5. Double-click on the "ritca.cer" file to open it in the Keychain Access utility. The Keychain Access utility will launch if it is not currently running, and you will see a dialog asking if you want to add the certificates to a keychain.
    Dialog box prompting to add certificates to a keychain
  6. Select the "X509 Anchors" keychain from the "Keychain" pop-up menu in the "Add Certificates" dialog box.
    Add the RIT certificate authority to the "X509 Anchors" keychain
    Note: Do not add the certificate to the keychain that matches your username or to the "System" keychain.
  7. Click the "OK" button to close the dialog box and add the certificate to the "X509 Anchors" keychain.
  8. Quit the Keychain Access utility.
  9. Delete the "ritca.cer" file from your Desktop. It is no longer needed once you have imported it into the keychain.

That's it; you're done!

You should now quit and relaunch any applications that would use the certificate keychain so that your changes take effect in those programs. This includes programs like Apple Mail and Apple's Safari browser. Any Mac OS X program, however, can use the system keychain to rely on the RIT certificate authority for secure communication.

[an error occurred while processing this directive]