Providing for Secure Data Transfers

If you plan to use the Secure Socket Layer (SSL) so that you can provide secure data transfers, complete the following tasks:


Creating a Server Certificate

  1. In Novell iManager, click Novell Certificate Server > Create Server Certificate.


    The Server and Certificate Nickname edit boxes
  2. Select the server that will own the certificate, and give the certificate a nickname (for example, remotecert).

    IMPORTANT:  We recommend that you don't use spaces in the certificate nickname. For example, use remotecert instead of remote cert.

    Also, make a note of the certificate nickname. You will use this nickname for the KMO name in the driver's remote connection parameters.

  3. Leave the Creation method set to Standard, then click Next.

  4. Review the Summary, click Finish, then click Close.

    You have created a server certificate. Continue with Exporting a Self-Signed Certificate.


Exporting a Self-Signed Certificate

  1. Click eDirectory Administration > Modify Object.

  2. Browse to and select the Certificate Authority in the Security container, then click OK.


    The Certificate Authority icon

    The Certificate Authority (CA) is named after the tree name (Treename-CA.Security).

  3. Click the Certificates tab, click Self-Signed Certificate, then click Export.


    The Certificates tab
  4. In the Export Certificate Wizard, select No, then click Next.

    You don't want to export the private key with the certificate.

  5. Select to export the file in Base64 format (for example, akranes-tree CA.b64), then click Next.


    Radio buttons to specify the output format
  6. Click the link to Save the Exported Certificate to a File, specify a filename, specify a location, then click Save.

    Rootfile names require .pem as an extension.

  7. In the Save As dialog box, copy this file to a local directory.

  8. Click Close.