Article

Problem

A Forum reader recently asked:

"I have 3rd party certificate that I want to import into eDirectory. The CA who signed the CSR sent the following files:

a. signedcertificate.der.cer
b. signedcertificate.pem.cer
c. signedcertificate.p7c
d. rootCA_b64.cer
e. intermediateCA_b64.cer

The CSR was NOT created using eDirectory. It was generated using openssl on a SLES10 server:

Original CSR file = domain.csr
KEY file = domain.key
Original Passphrase is available as is a "random" file used to generate the key file.

I have studied the documentation and TIDs, and they all assume that the CSR was generated in eDirectory and thereby an associated KMO was created. I have no KMO in eDirectory for this certificate. How do import this certificate into eDirectory?"

Solution

There are basically four things you need to do:

1. Make a PEM file.

2. Run openssl on the .pem file.

3. Import the .pfx file into eDirectory.

4. Apply certs to both instances of Apache (Remote manager and iManager).

For details, take a look at the following link:

http://myfiles.hmdc.harvard.edu/certificate.html