Identities, in the context of the Mac OS X Server Certificate Manager, are the combination of a signed certificate for both keys of a PKI key pair. The system keychain makes identities available to the various services that support SSL.
Self-signed certificates are certificates that are digitally signed by the private key of the key pair included in the certificate. Each installation of Mac OS X Server v10.5 includes a unique, self-signed certificate. This is done in place of a CA signing the certificate. By self-signing a certificate, you are attesting that you are who you say you are. No trusted third party is involved.
Using Certificate Manager
Server Admin features Certificate Manager to help you create, use, and maintain identities for SSL-enabled services. Certificate Manager integrates management of SSL certificates in Mac OS X Server for all services that allow their use.
Certificate Manager allows creation of self-signed certificates and CSRs to obtain a certificate signed by a CA. The certificates, either self-signed or signed by a CA, are accessible by the services that support SSL.
Identities that were previously created and stored in SSL files can also be imported into Certificate Manager, where they are accessible to all the services that support SSL. Certificates are stored in the system keychain, located at /Library/Keychains/System.keychain.
Certificate Manager displays the following for each certificate:
– The domain name for which the certificate was issued.
– Its dates of validity.
– Its signing authority, such as the CA entity. If the certificate is self-signed, it reads “Self-Signed.”