6.5 Creating SSL Certificates

If SSL certificates are not present or have not been created, Identity Manager drivers might not start or function properly. We recommend using SSL certificates for encryption and secure information transfer between clusters and the Identity Manager vault.

IMPORTANT:You should create or use a different certificate than the default (dummy) certificate (BCC Cluster Sync KMO) that is included with BCC.

To create an SSL certificate:

  1. Log in to iManager as the BCC Administrator user.

  2. In iManager, go to the Identity Manager Administration page.

  3. Under Identity Manager Utilities, select eDir-to-eDir Driver Certificates.

    The tree, user name, and context information are completed with the information you used when you logged in.

  4. Browse to select the driver, then click OK.

    You can alternatively type the driver name of the driver you created for this cluster in Step 7 of the procedure in Section 6.4, Creating a BCC Driver for a BCC Driver Set. Use the typeless format for the driver name:

    DriverName.DriverSet.OrganizationalUnit.OrganizationName

    Ensure that there are no spaces (beginning or end) in the specified context. Do not use the typeful format that includes the container type in the name:

    cn=DriverName.ou=OrganizationalUnitName.o=OrganizationName

  5. Specify the requested BCC Administrator credentials for the selected driver, then click Next.

  6. Select the matching driver in the other cluster, specify the requested driver information and BCC Administrator credentials, then click Next.

  7. View the summary for the certificate information.

  8. Click Finish.

    The same certificate is created for both servers.

  9. Repeat the process to create certificates for the driver pairs for all drivers.

  10. After the certificates are created, you can start the drivers.