A.3 Creating SSL Certificates

In a multiple-tree BCC, you must create an SSL certificate for the Cluster Resource Synchronization driver, and an SSL certificate for the User Object Synchronization driver. Creating one certificate creates that certificate for a driver pair. For example, creating an SSL certificate for the Cluster Resource Synchronization driver creates the certificate for the Cluster Resource Synchronization drivers on both clusters.

To create an SSL certificate:

  1. Start your Internet browser and enter the URL for iManager.

    The URL is http://server_ip_address/nps/iManager.html. Replace server_ip_address with the IP address or DNS name of the server that has iManager and the Identity Manager preconfigured templates for iManager installed.

  2. Specify your username and password, specify the tree where you want to log in, then click Login.

  3. In the left column, click DirXML Utilities, then click NDS-to-NDS Driver Certificates.

  4. Specify the requested driver information for both eDirectory trees.

    You must specify the driver name (including the context) you supplied in Step 8 for the current tree. Use the following format when specifying the driver name:

    DriverName.DriverSet.OrganizationalUnit.OrganizationName
    

    Ensure that there are no spaces (beginning or end) in the specified context, and do not use the following format:

    cn=DriverName.ou=OrganizationalUnitName.o=OrganizationName