Enabling Secure LDAP Connections

Exporting the Trusted Root

Although this procedure demonstrates how to perform the task in ConsoleOne, NetWare Administrator can accomplish the same task.

In ConsoleOne, right-click the Security object at the [Root] of the tree and click New > Object.

Click NDSPKI: Certificate Authority > OK, then follow the online instructions.

Right-click the LDAP Server container, then click New > Object.

Click NDSKPI: Key Material > OK, then follow the online instructions.

Expand the LDAP Server container.

Right-click the Key Material object you created for the SSL certificate, then click Refresh LDAP Server Now > Close.

Export the self-assigned CA from NDS.

Right click the Key Material Object.

Select Properties.

Select Public Key Certificates on the Certificates tab.

Click Export.

Install the self-assigned CA in all browsers that establish secure LDAP connections to NDS.

Importing the Trusted Root into the Browser

Importing the Trusted Root into Netscape Navigator

Select File > Open Page.

Select Choose File, and open the trusted root file that was previously exported.

This launches the New Certificate Authority Wizard.

The New Certificate Authority wizard does not launch if you do not have the correct file extension registered on your workstation. This is typically the case if you have installed Internet Explorer 5 and/or Windows NT service pack 4 or greater.

To fix this problem, exit Navigator.

Run the file X509.REG (located in <Install_dir>\NDS, where <Install_dir> is the directory name you selected when you installed NDS).

Rename the trusted root certificate file you exported to .X509 extension.

Import the certificate into Navigator.

Follow the online prompts.

Check Accept this Certificate Authority for Certifying Network Sites.

Importing the Trusted Root into Internet Explorer

Select File > Open.

To locate and select the trusted root file that was previously exported.

This launches the New Site Certificate Wizard.

Follow the online prompts.