The release of SBS 2003 provided a much-needed featureSSL Security Certificates at no additional cost. Well, no monetary cost, anyway. These certificates are self-signed. So although the certificate enables SSL communications on the SBS server (for Outlook Web Access [OWA], Remote Web Workplace, and other services), it is not specifically a trusted certificate. In the Windows world, this is not much of a problem. When you connect to a site using a self-signed certificate, you are presented with a warning indicating that the certificate is not valid, specifically pointing out that it is signed by a nontrusted authority. To get past this, you click Yes and go on. Not surprisingly, the behavior is a little different in the Macintosh world. Using Microsoft Internet Explorer on the Mac to connect to these same sites results in a hard block. IE generates an error, not a warning, and refuses to continue access to the site. However, Microsoft has discontinued production on IE for the Mac. Fortunately, there are workarounds. Unfortunately, none of them involve IE for the Mac. People using Netscape 4.x or 7.x for the Mac are prompted with a similar warning when accessing these sites. Netscape gives you the option to add the security certificate to its own certificate store. This is the only way to work around this problem for Macs running OS 9. There are also times when access to one of these sites takes place outside the context of the web browser. Mac OS X has its own internal certificate store. The Safari web browser and other services in Mac OS X use this store. It is also used by Entourage 2004 to connect to an Exchange server. You can import these self-signed certificates into the OS store as a trusted certificate, and that allows Safari and other tools that look to the OS store for certificates to communicate securely with the server without generating warnings or errors. Exporting the SSL Certificate from SBSThe self-signed certificate on SBS is stored in the certificate store, not as a file on the disk. To get the certificate into a format that the Mac can use to add to its own store, the certificate must be exported from the certificate store on the server into a file. Follow these steps to export the self-signed SSL certificate from the server:
Importing the SSL Certificate into the Macintosh Certificate StoreAfter you export the OWA certificate and copy the certificate file to the Mac OS X computer, you can add the certificate as a trusted certificate using either the UNIX interface on the Macintosh or a third-party utility, such as the freeware program CerttoolGUI 0.1. This utility is available at either of the following websites: http://macupdate.com/info.php/id/10947 http://www.versiontracker.com/dyn/moreinfo/mac/18496 Follow these steps to add the certificate using CerttoolGUI 0.1:
Follow these steps to add the certificate using the UNIX interface on Mac OS X:
|