1.10 Configuring the Browser for the eDirectory CA

The certificate error you received in the previous section was generated because Web browsers don’t trust eDirectory-based certificate authorities by default.

To eliminate the errors, you must import the eDirectory CA certificate into your browser.

1.10.1 Exporting the CA’s Self-Signed Certificate

  1. In iManager, click the Roles and Tasks icon Roles and Tasks icon.

  2. Click Novell Certificate Server > Configure Certificate Authority.

  3. Click the Certificates tab, then select the check box for the self-signed certificate.

  4. Click the Export sub-tab.

  5. Deselect Export Private Key.

    The Export Format changes to DER.

  6. Click Next.

  7. Click Save the Exported Certificate and save the file to disk, noting the filename and location if indicated.

  8. Click Close > OK.

  9. Find the file you just saved. By default it is usually on the desktop.

  10. To configure Mozilla Firefox on Windows, continue with Importing the CA Certificate into Mozilla Firefox on Windows.

    Instructions for configuring other browsers are in Eliminating Browser Certificate Errors in the OES 2 SP2: Planning and Implementation Guide.

1.10.2 Importing the CA Certificate into Mozilla Firefox on Windows

  1. In Firefox, click Tools > Options > Advanced.

  2. Select the Encryption tab.

  3. Click View Certificates.

  4. Select the Authorities tab, then click Import.

  5. Browse to the certificate file you downloaded in Exporting the CA’s Self-Signed Certificate and click Open.

  6. Select Trust this CA to identify Web sites, then click OK > OK > OK.

    Firefox now trusts certificates from the servers in your lab’s tree.

  7. To verify success, close all instances of Firefox, then restart the browser and log in to iManager again.

    The certificate warning doesn’t appear.