Additional Components to Set Up

Novell Certificate Server includes some additional components that can be set up to provide additional functionality.


Creating User Certificates

To create user certificates:

  1. Log in to the eDirectory tree as an administrator with the appropriate rights. To view the appropriate rights for this task, see Creating user certificates.

    2.

  2. Start ConsoleOne.

    3.

  3. Double-click the User object that will host the user certificate.

    4.

  4. Click the Security tab > Certificates.

    5.

  5. Click Create.

    This opens a wizard that helps you create the user certificate. For specific information on the wizard pages, click Help.

    6.

Creating a Trusted Root Container

You can create a Trusted Root container anywhere in the eDirectory tree.

To create a Trusted Root container:

  1. Log in to the eDirectory tree as an administrator with the appropriate rights. To view the appropriate rights for this task, seeCreating a Trusted Root Container.

    2.

  2. Start ConsoleOne.

    3.

  3. Right-click the container you want to create the Trusted Root container in and click New > Object.

    4.

  4. From the list box in the New Object dialog box, double-click NDSPKI:Trusted Root.

    This opens a wizard that helps you create the Trusted Root container. For specific information on the wizard pages, click Help.

    5.

NOTE:  Different applications may require that the Trusted Root container be given a specific name and be in a specific location in the eDirectory tree. Novell Certificate Server requires that the Trusted Root container be named Trusted Roots and be located in the Security container. The certificates in this container used to validate user certificates signed by external CAs and intermediate CA certificates stored in Trusted Root objects. Server certificates and the Organizational CA's certificates use the certificate chain stored in their own objects.


Creating Trusted Root Objects

A Trusted Root object can only reside in a Trusted Root Container.

To create Trusted Root objects:

  1. Log in to the eDirectory tree as an administrator with the appropriate rights. To view the appropriate rights for this task, see Creating a Trusted Root object.

    2.

  2. Start ConsoleOne.

    3.

  3. Open the Security container.

    4.

  4. Right-click the Trusted Root Container object and click New > Object.

    5.

  5. From the list box in the New Object dialog box, double-click NDSPKI:Trusted Root Object.

    This opens the Create a Trusted Root Object wizard that helps you create the trusted root object. For specific information on the wizard pages, click Help.

    6.

NOTE:  Any type of certificate can be stored in a Trusted Root object (CA certificates, intermediate CA certificates, or user certificates).



Previous | Next