I have a problem configuring iChain to communicate via SSL with the origin web server. I have configured the trusted root container, imported the origin web server's SSL certificate, and I specified the trusted root container in the ISO. Still, it is impossible to view the SSL web page from the origin web server. Is there anything I might have missed?
You don't want the origin server SSL certificate in the Trusted Roots Container; you want the CA certificate(s) that were used to sign the server certificate. (It's a Trusted Roots Container, not an SSL Certificate Container ...)
All iChain cares about is that the certificate that the origin server presents was signed (issued) by one of the servers it has been told to trust. For example, if all your back-end servers are using SSL certificates that were signed by Verisign, you would only need to import the Verisign CA (and Intermediate CA) certificate(s) once. iChain would be able to talk to any of them over SSL. Likewise, if you are using
certificates issued by your eDirectory tree, you would just need to import the Organizational CA certificate from you tree to the TRC container to enable iChain to talk to all servers.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.