Hi @ted1,
Let's start this from scratch and forget about the keychain in your Mac OS X machine. They way we suggest the users to generate a certificate is the following one:
https://docs.bitnami.com/general/apps/roundcube/administration/create-ssl-certificate-apache/
IMPORTANT: all the commands must be run inside the Bitnami Mac OS X VM
If you open that link, you can see that ...
sudo openssl genrsa -out /opt/bitnami/apache2/conf/server.key 2048
... generates a private key.
sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -out /opt/bitnami/apache2/conf/cert.csr
... and this one generates the certificate. You will need to send that cert.csr file to the Digicert team to sign the certificate. They will sign it and create the .crt file. You can either wait for them to finish or generate a temporary .crt file
sudo openssl x509 -in /opt/bitnami/apache2/conf/cert.csr -out /opt/bitnami/apache2/conf/server.crt -req -signkey /opt/bitnami/apache2/conf/server.key -days 365
Note: This temporary .crt file will make Apache to work but you will get warnings when accessing the site using HTTPS because it's not a valid certificate
After running all these steps, you will need to modify the Apache's configuration to use these new certificates:
<VirtualHost _default_:443>
DocumentRoot "/opt/bitnami/apache2/htdocs"
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
and restart Apache
sudo /opt/bitnami/ctlscript.sh restart apache
Once Digicert generates the certificate, you will need to copy it to the /opt/bitnami/apache2/conf folder, run these commands
sudo chown root:root /opt/bitnami/apache2/conf/NAME_OF_THE_FILE
sudo chmod 600 /opt/bitnami/apache2/conf/NAME_OF_THE_FILE
update the Apache's configuration
<VirtualHost _default_:443>
DocumentRoot "/opt/bitnami/apache2/htdocs"
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache2/conf/NAME_OF_THE_FILE"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
and restart Apache again
sudo /opt/bitnami/ctlscript.sh restart apache