ServBay PKI (ServBay CA) Management

In the modern network environment, SSL certificates are essential tools for ensuring the security of data transmission. For developers and users, managing local SSL root certificates (CA) is a crucial step in securing custom services and websites. This document will explain how to manage the local CA provided by ServBay PKI on macOS—ServBay User CA - ECC Root, and address potential certificate error issues.

What is ServBay CA?

ServBay CA is a local Public Key Infrastructure (PKI) and Certificate Authority (CA), used to issue trusted domain (TLS/SSL), email (S/MIME), document (PDF), and source code security SSL certificates for websites (hosts) added by users on ServBay. ServBay CA is automatically generated and installed on the user's system when ServBay is installed, ensuring that users can use secure HTTPS connections during local development and testing.

Requesting ServBay CA SSL Certificates

Please refer to:

• How to Apply for and Use Domain Name SSL Certificates
• How to Apply for and Use Email Signing S/MIME Certificates
• How to Apply for and Use Document Signing Certificates
• How to Apply for and Use Code Signing Certificates

Renewing SSL Certificates

Certificates issued by ServBay CA are valid for 3 years. To renew a certificate, click the refresh button on the right.

Exporting SSL Certificates

Click the 'Export' button on the right of the certificate to export it as a .zip file for easy distribution.

Deleting SSL Certificates

Click the 'Delete' button on the right of the certificate to delete it.

Note: Certificates currently in use by a website cannot be deleted.

How to Find ServBay CA?

In macOS, users can find ServBay CA using the 'Keychain Access' tool. The specific steps are as follows:

1. Open 'Keychain Access', which can be found by searching for Keychain Access in Spotlight.
2. Select the System keychain in the left sidebar.
3. Enter ServBay User CA - ECC Root in the search bar.
4. Locate the certificate in the search results and double-click to view detailed information.

Resolving Certificate Error Issues

If users encounter certificate errors while using websites added by ServBay, it is likely due to incorrect installation of ServBay CA. Users can reinstall or remove the CA certificate using the following steps:

Reinstalling ServBay CA

1. Open the ServBay application.
2. Enter the management panel and select the Services option.
3. Find the ServBay Root CA option.
4. Click the Reinstall ServBay Root CA button and follow the prompts to complete the reinstallation process.

Reissuing All Previously Issued Certificates

In extreme cases, you may want to reissue all certificates to completely resolve certificate issues. To do this, click the Recreate All ServBay User Certificates button and follow the prompts to recreate all SSL certificates.

This action can resolve certificate loss and certificate chain errors but will also result in the reissuance of all SSL certificates. If you have already distributed or exported certificates, promptly redistribute the new certificates to avoid unexpected service downtime.

Summary

By properly managing ServBay CA, users can ensure secure HTTPS connections in local development and testing environments. Reinstalling the CA or reissuing SSL certificates are common solutions when encountering certificate errors. We hope this document helps you manage local SSL root certificates more effectively, improving development efficiency and security.