Create a server certificate in iManager.
In the
view, click .Browse to and select the server object where the SOAP driver is installed.
Specify a certificate nickname.
Select
as the creation method, then click .Click
, then click .Export a self-signed certificate from the certificate authority in eDirectory™.
In the
view, click .Select your tree’s certificate authority object, then click
.It is usually found in the Security container and is named something like TREENAME CA.Security.
Click
.Click
.When asked if you want to export the private key with the certificate, click
, then click .Based on the client to be accessing the Web service, select either
or for the certificate, then click .If the client uses a Java-based keystore or trust store, then you can choose either format.
Click
.Click
and browse to a known location on your computer.Click
, then click .Import the self-signed certificate into the client’s trust store:
The steps to import the certificate vary depending on the client that connects to the Publisher channel’s HTTPS listener. If the client uses a typical Java keystore, you can perform the following steps to create the keystore:
Use the keytool executable that is included with any Java JDK*.
For more information on keytool, see Keytool - Key and Certificate Management Tool.
Enter the following command at a command prompt:
keytool -import -file name_of_cert_file -trustcacerts -noprompt -keystore filename -storepass password
For example:
keytool -import -file tree_ca_root.b64 -trustcacerts -noprompt -keystore dirxml.keystore -storepass novell
Configure the Publisher channel to use the server certificate you created in Step 1:
In iManager, in the
view, click .Locate the driver set containing the SOAP driver, then click the driver’s icon to display the Identity Manager Driver Overview page.
In the Identity Manager Driver Overview page, click the driver’s icon again, then scroll to
.In the Step 1.
setting, specify the certificate nickname you used inClick
, then click .