If you plan to use the Secure Socket Layer (SSL) so that you can provide secure data transfers, complete the following tasks:
If you are unfamiliar with certificates, create a new one.
However, if an SSL server certificate already exists and you have experience with SSL certificates, you can use the existing certificate instead of creating and using a new one.
When a server joins a tree, eDirectory creates the following default certificates:
In Novell iManager, click Novell Certificate Server > Create Server Certificate.
Select the server that will own the certificate, and give the certificate a nickname (for example, remotecert).
IMPORTANT: We recommend that you don't use spaces in the certificate nickname. For example, use remotecert instead of remote cert.
Also, make a note of the certificate nickname. You will use this nickname for the KMO name in the driver's remote connection parameters.
Leave the Creation method set to Standard, then click Next.
Review the Summary, click Finish, then click Close.
You have created a server certificate. Continue with Exporting a Self-Signed Certificate.
Click eDirectory Administration > Modify Object.
Browse to and select the Certificate Authority in the Security container, then click OK.
The Certificate Authority (CA) is named after the tree name (Treename-CA.Security).
Click the Certificates tab, click Self-Signed Certificate, then click Export.
In the Export Certificate Wizard, select No, then click Next.
You don't want to export the private key with the certificate.
Select to export the file in Base64 format (for example, akranes-tree CA.b64), then click Next.
Click the link to Save the Exported Certificate to a File, specify a filename, specify a location, then click Save.
Rootfile names require .pem as an extension.
In the Save As dialog box, copy this file to a local directory.
Click Close.