In order to secure the authentication credentials, NetIdentity takes advantage of SSL certificates located on the workstation or the server. Without a valid certificate, NetIdentity cannot process requests for authentication and users will be prompted to enter their usernames and passwords each time they start a new Web-based application.
IMPORTANT: If an SSL certificate is not available, users who have logged in to the network are not automatically authenticated to Web-based applications that take advantage of the NetIdentity wallet and no message appears telling them that NetIdentity is not passing their credentials. They will be prompted to enter their username and password by each Web-based application.
To use Novell certificates with a Web browser to do SSL, follow the procedure listed at "Configuring Microsoft Internet Explorer (IE) for SSL with Novell Certificates in the Novell Certificate Server 2.5.2 Administration Guide. This procedure requires that a certificate signed by the Organizational Certificate Authority be installed into each Internet Explorer's certificate store. Besides the listed procedure, there are other ways to populate the browser's certificate store, such as prepopulating the certificate store before distributing the browser or using ZenWorks.
Another option that would save you the effort of installing a certificate on each browser would be to create a Server Certificate (KMO) that contains the trusted root certificate signed by a popular third-party Certificate Authority and configure your Web-based applications to use that Server Certificate for SSL transactions.
To create a Server Certificate (KMO) that contains the trusted root certificate signed by a popular third-party Certificate Authority:
In Novell iManager, create a Server Certificate object (KMO) using the Custom option and select Third-party Certificate Authority as the signing authority.
See "Creating Server Certificate Objects" in the Novell Certificate Server 2.5.2 Administration Guide
Send the Certificate Signing Request (CSR) to your third-party Certificate Authority.
They will return some certificates to you.
Import the trusted root certificate into the newly created Server Certificate object (KMO).
Follow the procedure listed in "Server Certificate Object Tasks" in the Novell Certificate Server 2.5.2 Administration Guide
Configure your Web-based applications to use the new Server Certificate object (KMO) for SSL transactions.