This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Generating Dirxml Certificates For Edir2Edir Drivers
Generating Dirxml Certificates For Edir2Edir Drivers

Version management

Difference between version and

At line 1 added 47 lines
!!Requires Cross Signed Certificate
!Resource Tree
*In ConsoleOne, right-click the container containing the eDirectory Server object for the new KMO.
*Click New > Object.
*Click NDSPKI:Key Material > OK.
*Specify a name for the KMO object. If the new KMO will be used for DirXML, name it:\\
{{{DirXML Certificate}}}
*Click Custom > Next.
*Click “External certificate authority” (to indicate that the certificate will signed by the CA in another tree) \\ > click Next.
*Select the defaults for the “Key size” and options
*Click “Next”
*Click the “Edit” button next to the “Subject name” option: \\
Edit the “Subject name” using the format:
{{{
.O=<eDirectory tree name>.CN=<hostname>.<DNS domain>
like
.O=J1TEST.CN=servername.svr.Directory-Info.com
}}}
*Click “OK” to keep your changes.
*Click Next > Finish
*This generates a Certificate Signing Request (CSR)
*Click System Clipboard in Base64 Format > Save.
!Enterprise Tree
*Browse to and select the eDirectory Server object hosting the CA in the Enterprise Tree.
*Select Tools > Issue Certificate.
*Paste the CSR created in Step 10 into the CSR window > click Next.
*Click Next to “Issue Certificate”.
*Click “SSL or TLS” to indicate that the certificate is to be used for SSL authentication > click Next.
*Specify the validity period to “Maximum” > click Next.
*Click Finish to issue the certificate.
*Click System Clipboard in Base64 Format > Save.
!Move back to the Resource Tree
*Right-click the KMO that was created in the Resource Tree > click Properties > click Certificates-Public Key Certificate.
*Click Import.
*Click Read from File. Select the filename of the Trusted Root certificate [exported from the Enterprise Tree|Exporting The Certificate Authority Certificate] > click Next.
*Paste the certificate created by the Enterprise Tree's Certificate Authority into the certificate window.
*Click Finish.
*The Certificate is now ready for use in for DirXML or eDirectory service(s).
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop