Learn how to encrypt files on Mac OS X 10.9. This step will allow you to create a new disk image. Think of it like a virtual USB thumb drive. The Best Encryption Software for Mac in 2020 Part 4. Other Mac Encryption Tools Part 5. Factors to Consider when Choosing the Best Encryption Software for Mac Part 6. Why Need to Encrypt Mac Files? All vital files stored inside a computer including Mac need to be encrypted for security purposes. Tunein app mac os. If you happen to hear, watch.
FileVault 2 is available in OS X Lion or later. When FileVault is turned on, your Mac always requires that you log in with your account password.
https://palmever227.weebly.com/blog/what-does-the-genius-use-mac-apps. If you would prefer we not collect and use information from your iTunes library in this manner, you should not enable the Genius feature. You can revoke your opt-in choice at any time by choosing to turn off the Genius feature from the Store menu. Upon opting-out, iTunes will no longer send information about your iTunes library to Apple.
Choose Apple menu () > System Preferences, then click Security & Privacy.
Click the FileVault tab.
Click , then enter an administrator name and password.
Click Turn On FileVault.
If other users have accounts on your Mac, you might see a message that each user must type in their password before they will be able to unlock the disk. For each user, click the Enable User button and enter the user's password. User accounts that you add after turning on FileVault are automatically enabled.
Choose how you want to be able to unlock your disk and reset your password, in case you ever forget your password:
If you're using OS X Yosemite or later, you can choose to use your iCloud account to unlock your disk and reset your password.*
If you're using OS X Mavericks, you can choose to store a FileVault recovery key with Apple by providing the questions and answers to three security questions. Choose answers that you're sure to remember.*
If you don't want to use iCloud FileVault recovery, you can create a local recovery key. Keep the letters and numbers of the key somewhere safe—other than on your encrypted startup disk.
If you lose both your account password and your FileVault recovery key, you won't be able to log in to your Mac or access the data on your startup disk.
By default, all apps that you purchase from the Mac App Store and most other apps appear in the Applications folder. If you used a custom installation in OS X Mavericks, then you may need to use Spotlight to find the location of the app on your computer. Mavericks uses two types of applications - an application bundle or a installer. You can easily find the Applications folder on a Mac computer using the Finder tool in your Dock, where you can also pin the apps you use most. Mac App Store is the simplest way to find and download apps for your Mac. To download apps from the Mac App Store, you need a Mac with OS X 10.6.6 or later. Find apps on mac. How to find and list all applications that exist in Mac computer storage? In certain situations, you may need to know the number and type of applications installed on a Mac computer. This could be to check for malicious applications that are sometimes bundled with other software, or to list existing apps that might be occupying excessive.
Encryption occurs in the background as you use your Mac, and only while your Mac is awake and plugged in to AC power. https://palmever227.weebly.com/blog/mac-os-x-itunes-app-where-is-install. You can check progress in the FileVault section of Security & Privacy preferences. Any new files that you create are automatically encrypted as they are saved to your startup disk.
When FileVault setup is complete and you restart your Mac, you will use your account password to unlock your disk and allow your Mac to finish starting up. FileVault requires that you log in every time your Mac starts up, and no account is permitted to log in automatically. Blackberry 9300 desktop software for mac.
Mac App Store is the simplest way to find and download apps for your Mac. To download apps from the Mac App Store, you need a Mac with OS X 10.6.6 or later. Mac apple music app. Apple Music gives you unlimited access to millions of songs and your entire Apple Music library. All ad-free and available right from your Android device, iPhone, iPad, or Mac or PC. There’s no commitment — cancel anytime. Stream over 60 million songs from the Apple Music catalog. Follow along to your favorite songs with time-synced lyrics. Apple Music is a streaming service that allows you to listen to over 70 million songs. Its great features include the ability to download your favorite tracks and play them offline, lyrics in real time, listening across all your favorite devices, new music personalized. Fleetwood Mac decided to follow up the career-defining, best-selling Rumours with an album that would not compromise their integrity or seem like a quick rehash of their proven FM-radio-friendly formula.Tusk is not Rumours, Pt.II.It's an expansive, 20-track collection that allows each of the three songwriters—Lindsey Buckingham, Christine McVie, and Stevie Nicks—to stretch their musical. The power of Mac. Dedicated apps for music, TV, and podcasts. Smart new features like Sidecar, powerful technologies for developers, and your favorite iPad apps, now on Mac.
Reset your password or change your FileVault recovery key
If you no longer want to encrypt your startup disk, you can turn off FileVault:
Choose Apple menu > System Preferences, then click Security & Privacy.
Click the FileVault tab.
Click , then enter an administrator name and password.
Click Turn Off FileVault.
Decryption occurs in the background as you use your Mac, and only while your Mac is awake and plugged in to AC power. You can check progress in the FileVault section of Security & Privacy preferences.
Learn more
Learn how to create and deploy a FileVault recovery key for Mac computers in your company, school, or other institution.
If you're using FileVault in Mac OS X Snow Leopard, you can upgrade to FileVault 2 by upgrading to OS X Lion or later. After upgrading OS X, open FileVault preferences and follow the onscreen instructions to upgrade FileVault.
RAID partitions or non-standard Boot Camp partitions on the startup drive might prevent OS X from installing a local Recovery System. Without a Recovery System, FileVault won't encrypt your startup drive. Learn more.
* If you store your recovery key with Apple or your iCloud account, there's no guarantee that Apple will be able to give you the key if you lose or forget it. Not all languages and regions are serviced by AppleCare or iCloud, and not all AppleCare-serviced regions offer support in every language. If you set up your Mac for a language that AppleCare doesn't support, then turn on FileVault and store your key with Apple (OS X Mavericks only), your security questions and answers could be in a language that AppleCare doesn't support.
Article ID = 211 Article Title = How To Setup Let's Encrypt For OS X / macOS + Server 5.x Article Author(s) = Graham Needham (BH) Article Created On = 23rd November 2017 Article Last Updated = 9th March 2020 Article URL = https://www.macstrategy.com/article.php?211 Article Brief Description: How to setup and configure Let's Encrypt secure certificates with OS X / macOS and Server 5.x
How To Setup Let's Encrypt For OS X / macOS + Server 5.x
WARNING: As of September 2018 Apple has gutted macOS Server and removed most/all of the useful Server features! Instructions for installing Let's Encrypt website secure SSL certificates for OS X / macOS with websites hosted by OS X / macOS Server.
Preparation
In this article:
Replace all instances of 'your_domain_name' with your actual Domain Name
Replace all instances of '.tld' with the appropriate |Top-Level Domain' code applicable to your Domain Name purchase/registration e.g. '.com'
This article assumes you have not moved the standard OS X / macOS Server web folders directory from it's standard location at /Library/Server/Web/Data/Sites/ - if you have you will need to replace all instances of /Library/Server/Web/Data/Sites/ with the path to your alternate location
the ~ character refers to your home directory i.e. usually, Macintosh HD > Users >your home directory (usually a house icon)
To get to hidden folders/directories in the Finder e.g. /etc/, in the Finder, go to the Go menu > Go to Folder… > enter the path to the folder/directory you want to go to e.g. '/etc/'
Replace 'admin_password' with your actual computer administrator account password
You will need the following before you can continue with this configuration article:
Basic skills at using the Terminal command line - iMore has a good introduction to it here
A decent text editor that is better than TextEdit e.g. BBEdit (US$49.99)
A launchd plist editor e.g. Lingon X (US$10.99)
Apple Mac computer running OS X 10.10 or later:
OS X / macOS Server:
At least one domain name and website configured via OS X / macOS Server. We have some articles that may help with this:
macOS 10.14 Mojave + Server 5.7.x - coming soon
macOS 10.13 High Sierra + Server 5.4-5.6.3 - coming soon
The domain(s) you want to obtain certificates for must be configured in OS X / macOS Server and publicly accessible via the normal internet
Consider the timing - Let's Encrypt issues 90 day certificates that can be renewed with less than 30 days to go - so 90 days is the max renewal via manual methods, 60 days is the auto renewal timeframe - so think about when those dates will fall after the initial setup and that you will be around/available to perform the manual renewal or check that the auto renewal method has worked!
You will need a contact/registration email address for each domain certificate that you initially request - this is also used for renewal/problem emails so it might be worth setting up a special email address for this sort of thing if you haven't already got one
Install and setup 'Let's Encrypt' (Certbot) with Homebrew
To install Homebrew vist http://brew.sh then return to here. Go to Macintosh HD > Applications > Terminal > and enter the following commandsbrew update sudo mkdir /etc/letsencrypt sudo mkdir /var/lib/letsencrypt sudo mkdir /var/log/letsencrypt brew install letsencrypt git clone https://github.com/letsencrypt/letsencryptIf everything went okay, you should see the following folders in:
~/letsencrypt
/etc/letsencrypt
UPDATE 09/03/2020: From 01/06/2020 Let's Encrypt will stop supporting the old ACMEv1 protocol. You must have an ACMEv2 compatible client. If you have already installed Let's Encrypt's Certbot you can easily update it via the command:brew upgrade certbotIf you are running an outdated version it will update. If you are running the current version it will let you know that it does not need to be updated.
Create required (hidden) directories
Using the Terminal, create two folders/directories for automated scripts:mkdir ~/letsencrypt/my_script mkdir ~/letsencrypt/my_script/logsYou need to create two (hidden) folders/directories in the website for each domain that you want certificates for:sudo mkdir /Library/Server/Web/Data/Sites/your_domain_name's website folder/.well-known/ sudo mkdir /Library/Server/Web/Data/Sites/your_domain_name's website folder/.well-known/acme-challengeFiles in these folders must be publicly accessible via the normal internet. To test this put a quick and dirty html file named 'test.html' in each of the folders then make sure you can access them via a browser at:
Using the Terminal, enter the following command: NOTE: As wildcard certificates are not available yet, you can add multiple, additional sub-domain cerificates with '-d additional.your_domain_name.tld' on the end of the command below e.g. '-d mail.your_domain_name.tld' UPDATE 19/03/2018: Let's Encrypt - ACME v2 and Wildcard Certificate Support is Livesudo certbot certonly --webroot -w /Library/Server/Web/Data/Sites/your_domain_name's website folder -d your_domain_name.tld -d www.your_domain_name.tldFollow the on-screen instructions. If successful your certificate (a 'cert.pem' file) will appear in /etc/letsencrypt/live/your_domain_name.tld/
Manually convert the certificate for use with OS X / macOS
Using the Terminal, enter the following command:sudo openssl pkcs12 -export -inkey /etc/letsencrypt/live/your_domain_name.tld/privkey.pem -in /etc/letsencrypt/live/your_domain_name.tld/cert.pem -certfile /etc/letsencrypt/live/your_domain_name.tld/fullchain.pem -out /etc/letsencrypt/live/your_domain_name.tld/letsencrypt_sslcert.p12 -passout pass:'admin_password'
Import the certificate into the OS X / macOS Keychain
Mac Os Disk Encryption
Using the Terminal, enter the following command:
How To Encrypt Apps On Mac Os Xp
sudo security import /etc/letsencrypt/live/your_domain_name.tld/letsencrypt_sslcert.p12 -f pkcs12 -k /Library/Keychains/System.keychain -P 'admin_password' -T /Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/ServerManagerDaemon.bundle/Contents/MacOS/servermgrdCheck the certificate has been installed successfully (into the OS X / macOS Keychain) by going to Server app > Certificates - you should see the certificate for your domain listed as Issuer: 'Let's Encrypt Authority X3'. Quit and relaunch the Server application if it was open while you were doing the above.
Configure your website(s) to use https
Open the Server application and for each website:
Click on 'Websites' on the left
Make sure the domain already has a non-secure website entry using port 80 - do not delete this or edit this to be a secure entry
Create a new website entry for the website and set:
'Domain name' to 'your_domain_name.tld'
'SSL Certificate' to the one you just installed i.e. 'your_domain_name.tld - Let’s Encrypt Authority X3' and check that the port number automatically changes to '443'
'Store Site Files In' to the directory for your website files
Click the 'Edit…' button to the right of 'Additional Domains' and add 'www.your_domain_name.tld'
Click the 'Edit…' button to the right of 'Index Files' and set accordingly
Click 'OK' to return to the main Websites list window
Optional - update the domain's non-secure website entry with a redirect so that all web page accesses go to https:
NOTE: See also the considerations of moving to https section below for some important implications of moving your web site to https.
Edit the non-secure website entry
Click the 'Edit…' button to the right of 'Redirects'
Set 'Source' to '/' (everything)
Set 'Destination' to 'https://www.your_domain_name.tld/' with status 'permanent 301' (redirection)
Click 'OK'
Click 'OK' to return to the main Websites list window
Manual certificate renewal
Using the Terminal, enter the following command: NOTE: As wildcard certificates are not available yet, you can add multiple, additional sub-domain cerificates with '-d additional.your_domain_name.tld' on the end of the command below e.g. '-d mail.your_domain_name.tld'. This should be the same as the initial certificate but if they are different you should get a special 'update configuration' prompt when doing the following command. UPDATE 19/03/2018: Let's Encrypt - ACME v2 and Wildcard Certificate Support is Livesudo certbot certonly --webroot -w /Library/Server/Web/Data/Sites/your_domain_name's website folder -n -d your_domain_name.tld -d www.your_domain_name.tldFollow the on-screen instructions. If successful your certificate (a 'cert.pem' file) will appear in /etc/letsencrypt/live/your_domain_name.tld/ with a current date and time creation date
Automate certificate renewal
Using the Terminal, enter the following command and note the output result:echo $PATHFor each domain/website, create a command text file using your favourite text editor e.g. BBEdit in ~/letsencrypt/my_script:Use a launchd editor e.g. Lingon X to add a launchd automated task, running as root, to run the script you just created and pick a regular day and/or time. For example to trigger your automated certificate renewal script to run every Tuesday at 08:00:
Create a new task
TICK 'Enabled'
Set 'User' to 'root'
Name = 'com.your_domain_name.cert_renewal_tuesday.plist'
Run = '/Users/replace_with_your_home_directory_name/letsencrypt/my_script/cert_renewal_your_domain_name_tuesday.sh'
NOTE: The .sh filename should match the name of the script you created above.
When tab > TICK 'Scheduled'
Set schedule to 'Day of week' + 'Tuesday' + '08:00'
Click 'Save'
To test it works, select it and click the 'Test' button - if there are no error messages you can check the script has run correctly by checking:
A new, converted certificate titled 'letsencrypt_sslcert.p12' will appear in /etc/letsencrypt/live/your_domain_name.tld/ with a current date and time creation date.
If (and only if) the certificate has been renewed a new, updated certificate titled 'cert.pem' will appear in /etc/letsencrypt/live/your_domain_name.tld/ with a current date and time creation date.
If (and only if) the certificate has been renewed a new, updated certificate will have been imported successfully into the OS X / macOS Keychain - go to the Server application > Certificates - you should see the new certificate for your domain listed as Issuer: 'Let's Encrypt Authority X3' and an updated 'Expiration Date'. Quit and relaunch the Server application if it was open while you were doing the above.
Old certificates will still show in the Server application - you can manually delete them and services should automatically switch over to using the renewed/new certificate.
Considerations of moving to https
Redirecting all http accesses to https - there are several ways to do this (one is listed above in our configure your website(s) to use https section above)
Canonical links in page headers
Robots
Google page ranking (a https link may be treated differently to a http link)
Mixed content on your page i.e. content server up from other servers e.g. adverts - this will cause browsers to show users that your site is not totally secure
Useful information:
How To Encrypt A Mac
References
The following pages were extremely useful in compiling this set of instructions:
Certbot instructions for macOS users - running Apache (instructions also available for Nginx, Haproxy, Plesk, other)
Article Keywords: OS X OSX 1010 1011 macOS 1012 1013 1014 Yosemite El Capitan Sierra High Sierra Mojave Server 4 5 internet web email SMTP POP PO3 IMAP secure SSL certificate free domain domains name names plist cron job cronjob launchd automate automatic regular renew Let's Encrypt letsencrypt certbot What is the best home accounting software for mac.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal? All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
How To Encrypt Apps On Mac Os X Mojave
If this information helped you or saved you time and/or money why not donate a little to us via PayPal? All proceeds go directly to MacStrategy / Burning Helix to help fund this web site. Go to this web page to donate to us.