Configuration Guides › Directory Configuration Guide › Oracle Internet Directory Server › SiteMinder SSL Configuration for OID

SiteMinder SSL Configuration for OID

You can configure an SSL-encrypted connection from the Policy Server to an OID directory server.

Note: The following assumes you have created cert7.db and key3.db database files. For more information on creating these files using a third-party tool, refer to Manage SSL certificates.

To configure an SSL-encrypted connection from the Policy Server to an OID directory server

1. Install the Certificate Authority's (CA) root certificate in the Netscape cert7.db database on each Policy Server that is expected to use SSL when communicating with an OID directory.

   Note: SiteMinder requires the certificate to be in a Netscape version file format (cert7.db), so do not use Microsoft Internet Explorer to install the certificate.

2. Enter the following values on the Data tab on the Policy Server Management Console:
   • Database: Policy Store
   • Storage: LDAP
   • LDAP IP Address: 192.168.122.18:636
   • Admin Username: cn=orcladmin
   • Root DN: ou=ps6,dc=Netegrity
3. In the Netscape Certificate Database File field, configure the Policy Server to use SSL by specifying the path to the cert7.db file.

   Note: The key3.db file must also be in the same directory as the cert7.db file.

Consider the following:

• If you have not done so already, configure an SSL connection to a user directory by selecting the Secure Connection check box on the Directory Setup group box on the User Directory: Name pane.
• If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.