15.2 Creating Server Certificates

  1. Log in to iManager. On a Windows XP or 2000 machine connected to a NetWare® 6.5 server, open either the Internet Explorer or Mozilla Forefox browser and go to (https:// ipaddress/nps/iManager.html), where ip address is the IP address of a NetWare 6.5 server running Novell BorderManager 3.9.

    NOTE:You can run iManager from a NetWare server to configure other Novell BorderManager 3.9 servers.

  2. Type the username and password. Click Login. The username and password are the Novell eDirectory login details. Specify the non-fully-distinguished name.

  3. In the left pane, select Novell Certificate Server, then select Create Server Certificate.

    Figure 15-1 Server Certification Creation

  4. Specify the Server and the Nickname for the certificate, or click to select the server object. Select the Custom check box and specify the details of the certificate, then click Next.

    NOTE:While creating server certificates, the Custom check box must be selected, and the key usage should be set to data encipherment and digital signature. For user certificates, creating a standard certificate will suffice.

    It is recommended that you use the Custom option. If you use the Standard option, although client-to-site services will work, there might be some problems with site-to-site services.

  5. Select Organizational Certificate Authority, then click Next.

    Figure 15-2 Certificate Authority

  6. Specify the Key size and usage, then click Next.

    Figure 15-3 Key Size and Usage

  7. Specify the parameters of the certificate, then click Next.

    Figure 15-4 Certificate Parameters

    NOTE:The advantage of providing the exact time for the validity of the certificate is that, if there is a timing issue with the server the entry will not be invalid.

    Entering the exact time for validity has the advantage that if there is a timing issue with the server the entry will not be invalid.

  8. Select the relevant text box to specify the trusted root for the certificate, then click Next.

    Figure 15-5 Trusted Root

  9. The summary page shows the complete details of the certificate chosen. If the information is correct, click Next. If it is not correct, then go back and make the required changes.

    After the certificate is successfully created, you get a Success message.

    Figure 15-6 Sever Certificate Completion