In most cases, an SSL certificate signed by an existing certificate authority is the best solution, and when something simpler is needed, a self-signed certificate usually suffices. However, there may be situations in which you want to create your own certificate authority. For example, if your organization plans to issue a variety of different certificates (without having an external certificate authority sign them) but doesn't want to require its users to install multiple certificates and set their computers to trust them, it might designate itself as a certificate authority. By installing the certificate authority's root certificate on each user's device and marking it as trusted, the organization can ensure that all future certificates signed by that certificate authority are also trusted. You need not create these certificates yourself, but you — the administrator of the computer with the certificate authority certificate — must sign all requests generated by others.
To create a certificate authority, follow these steps:
Open Keychain Access, which is located in/Applications/Utilities.
Choose Keychain AccessCertificate AssistantCreate a Certificate Authority. Certificate Assistant opens, displaying the Create Your Certificate ...
With Safari, you learn the way you learn best. Get unlimited access to videos, live online training,
learning paths, books, interactive tutorials, and more.