Home Knowledge Base Server Configuration Importing 10.4 SSL certs into 10.5
Importing 10.4 SSL certs into 10.5 Print E-mail
User Rating: / 0
PoorBest 
Written by Clint McIntosh   
Monday, 11 May 2009 11:08

If you have a Tiger (10.4) server with SSL certificates that you are going to replace with a new Leopard (10.5) server, using the same name and SSL certificates, you may encounter a tiny gotcha in the Mail service - an error that may look something like this:

Postfix TLS Error: cannot get private key from file /etc/certificates/mycert.key

...after "successfully" importing the old cert.

You may also find that your SSL mail clients won't be able to connect either.

The problem here is that postfix is failing on encrypted TLS certs and OSX ServerAdmin created certs are encrypted. The fix is, as should be expected, to unencrypt the cert:
  1. cd /etc/certificates
  2. cp mycert.key mycert.key.saved
  3. openssl rsa -in mycert.key -out mycert.key.out
  4. cp -p mycert.key.out mycert.key
  5. postfix reload
 

We Know Macintosh

Apple certified Macintosh experts serving east TN since 1994.

(865) 584-3355

 

We Know IT for Business

We know how to satisfy the IT needs for business

  • OSX server administration and setup
  • Email
  • Installation and Configuration
  • Upgrades, Preventative Maintenance
  • Network Design, Router Configuration
  • Secure Multi-location Networking, Virtual Private Networks (VPN)
  • Domain Name and Web Hosting Management
  • Windows Integration, File Sharing, and Platform Migration
  • Backup and Disaster Planning
  • Remote Systems Monitoring and Repair

 
Log in

©1994-2009 The Metamedia Corporation™. All Rights Reserved.
HappyMac™ is a trademark of The Metamedia Corporation. Apple and Macintosh are trademarks of Apple Inc. All other trademarks are trademarks of their respective owners.