The purpose of purchasing a signed certificate from a Certificate Authority is to avoid your data being intercepted with a "man in the middle" attack. In a man in the middle attack the attacker gains unauthorized access to your network and substitutes his own encryption key to connect to the server. The man in the middle poses as the server, making it possible to intercept, read, and possibly change the data exchanged between the server and clients.
An industry accepted solution to this is to have a trusted third party validate the certificate that was passed back to the client. If a man in the middle has substituted another key, the trusted third party will detect the certificate, and the application will present an alert warning the user about the possibility that someone may be eavesdropping on the connection.
To mitigate this security issue using a Signed SSL Certificate, take the following steps:
- Get a static IP for your MacPractice Server from your ISP.
- Register a domain name with a domain registrar, then point it at this IP address.
- Select a Certificate Authority and generate a CSR following the Certificate Authority's instructions.
- Purchase a certificate from your Certificate Authority.
- Install the signed certificate on your MacPractice Server.