Article

coolguys's picture
article
Reads:

6337

Score:
0
0
 
Comments:

0

Importing a Third-Party Certificate into eDirectory

Author Info

16 April 2008 - 5:58am
Submitted by: coolguys

Author Blog
Author Profile

Tags

Tags Map

(View Disclaimer)

Problem

A Forum reader recently asked:

"I have 3rd party certificate that I want to import into eDirectory. The CA who signed the CSR sent the following files:

a. signedcertificate.der.cer
b. signedcertificate.pem.cer
c. signedcertificate.p7c
d. rootCA_b64.cer
e. intermediateCA_b64.cer

The CSR was NOT created using eDirectory. It was generated using openssl on a SLES10 server:

Original CSR file = domain.csr
KEY file = domain.key
Original Passphrase is available as is a "random" file used to generate the key file.

I have studied the documentation and TIDs, and they all assume that the CSR was generated in eDirectory and thereby an associated KMO was created. I have no KMO in eDirectory for this certificate. How do import this certificate into eDirectory?"

Solution

There are basically four things you need to do:

1. Make a PEM file.

2. Run openssl on the .pem file.

3. Import the .pfx file into eDirectory.

4. Apply certs to both instances of Apache (Remote manager and iManager).

For details, take a look at the following link:

http://myfiles.hmdc.harvard.edu/certificate.html


Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).

It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.



Related Articles


User Comments

© 2013 Novell