Configuring LDAPS connection for iManager on Sun Solaris or Linux

Novell Cool Solutions: Feature

Posted: 18 Feb 2004
 

Do the following to enable LDAPS communication to the LDAP server.

Export the certificate

  1. Use ConsoleOne
  2. Select properties on "CertificateDNS - <servername>"
  3. Go to "Certificates"
  4. Select "Public Key Certificate"
  5. Click on [Export]
  6. Do you want to export the private key with the certificate: No
  7. Click on [Next]
  8. Select file in Base 64 format
    Optionally, change the filename to one without any spaces
  9. Click on [Next]
  10. Click on [Finish]
  11. Copy the certificate file to the server, using a secure method like scp (Secure Copy).

Import the certificate into Java's keystore

  1. If it exists, make a backup copy of the keystore: # cp <JAVA_HOME>/jre/lib/security/cacerts <JAVA_HOME>/jre/lib/security/cacerts.orig
  2. If it exists, copy the existing keystore to the working directory: # cp <JAVA_HOME>/jre/lib/security/cacerts .
  3. Import the certificate into the keystore
    1. # keytool -import -file <certificate file>.der -keystore cacerts
    2. Password: changeit
    3. Trust this certificate: yes
  4. Copy cacerts back to <JAVA_HOME>/jre/lib/security (for example, /usr/java/jre/lib/security): # cp cacerts <JAVA_HOME>/jre/lib/security
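
Before answering yes at the trust prompt, confirm that the exported file is the certificate the LDAP server presents on port 636. The Python below is an added example, not part of the original article or of any Novell tool: it prints the file's fingerprint in the colon-separated layout keytool displays and, when given a host, compares it with the live LDAPS certificate. It assumes the LDAP server is configured to use the exported certificate; the script name and the sample bytes are constructed.

```python
import base64
import hashlib
import re
import ssl
import sys

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def load_der(data: bytes) -> bytes:
    """Return DER bytes from a binary DER or Base64 (PEM) certificate file."""
    try:
        text = data.decode("ascii")
        match = PEM_RE.search(text)
        body = match.group(1) if match else text  # bare Base64 has no armor
        return base64.b64decode("".join(body.split()), validate=True)
    except ValueError:  # non-ASCII bytes or invalid Base64: already DER
        return data

def fingerprint(der: bytes, algo: str = "sha256") -> str:
    """Colon-separated upper-case hex digest, the layout keytool prints."""
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def server_fingerprint(host: str, port: int = 636, algo: str = "sha256") -> str:
    """Fingerprint of the certificate the LDAPS listener presents.
    The fetch is deliberately unverified: the result is only compared."""
    pem = ssl.get_server_certificate((host, port))
    return fingerprint(ssl.PEM_cert_to_DER_cert(pem), algo)

# Constructed sample: a few DER-like bytes, not a real certificate.
SAMPLE_DER = b"\x30\x82\x00\x03\x02\x01\x05"
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    # Usage (hypothetical script name):
    #   python certcheck.py <certificate file> [ldap host]
    with open(sys.argv[1], "rb") as fh:
        exported = fingerprint(load_der(fh.read()))
    print("exported file:", exported)
    if len(sys.argv) > 2:
        live = server_fingerprint(sys.argv[2])
        print("server :636  :", live)
        sys.exit(0 if live == exported else "MISMATCH: do not trust this file")
```

Pass `algo="sha1"` or `algo="md5"` to `fingerprint` when the installed keytool prints those digests instead of SHA-256.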

Modify PortalServlet.Properties

If iManager or DEX was installed using cleartext LDAP communication, modify PortalServlet.Properties:

  1. Edit <TOMCAT_HOME>/webapps/nps/WEB-INF/PortalServlet.Properties, using vi or another editor
  2. Change

    System.DirectoryAddress=<ipaddress or '127.0.0.1'>\:389

    to
    System.DirectoryAddress=<ipaddress or '127.0.0.1'>\:636

  3. Save the file

Restart Tomcat

  1. # <TOMCAT_HOME>/bin/catalina.sh stop
    or # <TOMCAT_HOME>/bin/shutdown.sh
  2. # <TOMCAT_HOME>/bin/catalina.sh start
    or # <TOMCAT_HOME>/bin/startup.sh

Test it

  1. For iManager use the following URL: http://<ipaddress or dnsname>/nps/iManager.html
  2. For DEX use the following URL: http://<ipaddress or dnsname>/nps

Related Reading

See TID 10090460

For more info about LDAPS, see this page.

