7.1 Step 1: Generating a Server Certificate

You first need to install a server certificate. The LDAP server itself can generate a certificate, but the certificate must then be signed by a CA that is trusted by the server. One way to get the certificate signed is to use the CA that comes with an Identity Vault.

To generate a certificate request:

  1. In the navigation tree in Netscape Console, select the server that the driver will communicate with.

  2. Click Open Server.

  3. Click Tasks > Certificate Setup Wizard.

  4. Provide information to request a certificate.

    Depending on the certificates or tokens that might already be installed on the host system, you might see some or all of the following fields:

    Select a Token (Cryptographic Device): Select Internal (Software).

    Is the Server Certificate Already Requested and Ready to Install? Select No.

    If a trust database doesn’t already exist for this host, one is generated for you.

    A trust database is a key pair and certificate database installed on the local host. When you use an internal token, the trust database is the database into which you install the key and certificate.

  5. Type and confirm the password.

    The password must contain at least eight characters, and at least one of them must be numeric. This password helps secure access to the new key database you’re creating.

  6. Continue providing information as prompted, then click Next.

  7. After a trust database is created, click Next.

  8. Type the requested information, then click Next.

  9. Type the password for the token you selected earlier, then click Next.

    The Certificate Setup Wizard generates a certificate request for your server. When the page showing the generated request appears, you can send the certificate request to the certification authority.

  10. Continue with Step 2: Sending the Certificate Request.
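
Before the request goes to the CA, it is worth confirming that it is intact and names the right host. The following is an added example, not part of the original documentation: it assumes the wizard's request has been saved as a PEM-encoded PKCS#10 file, that the key is RSA, and that the `openssl` command-line tool is available. The function names, file names and host name are hypothetical, and the sample request is constructed locally for the demonstration.

```shell
#!/bin/sh
# check_csr FILE EXPECTED_CN MIN_BITS   (hypothetical helper, not a product tool)
# Returns 0 only if the PKCS#10 request verifies and matches what we
# intend to have signed by the CA.
check_csr() {
    csr=$1; want_cn=$2; min_bits=$3

    # 1. Self-signature: shows the request was signed with the private key
    #    matching the embedded public key and was not altered afterwards.
    #    Match on the message text; exit codes differ between releases.
    openssl req -in "$csr" -noout -verify 2>&1 | grep -q 'verify OK' || {
        echo "FAIL: self-signature does not verify" >&2; return 1; }

    # 2. Subject CN must be the host name we intend the CA to certify.
    cn=$(openssl req -in "$csr" -noout -subject -nameopt RFC2253 |
         sed 's/^subject= *//' | tr ',' '\n' | sed -n 's/^CN=//p' | head -n 1)
    [ "$cn" = "$want_cn" ] || {
        echo "FAIL: CN is '$cn', expected '$want_cn'" >&2; return 1; }

    # 3. Key size (assumes an RSA key; EC sizes are not comparable).
    bits=$(openssl req -in "$csr" -noout -text |
           sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit.*/\1/p' | head -n 1)
    [ -n "$bits" ] && [ "$bits" -ge "$min_bits" ] || {
        echo "FAIL: key is '${bits:-unknown}' bits, need $min_bits" >&2; return 1; }

    echo "OK: CN=$cn, $bits-bit key, signature valid"
}

# Constructed sample input: a throwaway request standing in for the
# wizard's output so the check can be run offline.
make_sample_csr() {
    openssl req -new -newkey rsa:2048 -nodes -keyout "$1.key" \
        -subj "/O=Example/CN=$2" -out "$1" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_sample_csr "$demo_dir/ldap-req.pem" ldap.example.com
check_csr "$demo_dir/ldap-req.pem" ldap.example.com 2048
rm -rf "$demo_dir"
```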