No news there, but some neat tricks: To test a certificate:
> cat mycert.crt mycert.key > mycert.pem > openssl s_server -cert mycert.pem -www
and then check https://localhost:4433
To strip a passphrase from an RSA keyfile:
> openssl rsa -in mykey.key -out newkey.pem
Whenever someone says you should “use make to create hash links” what they really mean is you should use Makefile.crt that comes with mod_ssl to create hash symlinks for Apache. This file doesn’t come with OS X Server however, so either grab one from the mod_ssl source distribution (from the pkg.sslcfg directory) or use the script described here.
All taken from this brilliant Q&A.