Configure a Separate Key Store

To configure a separate key store

  1. Start the Policy Server Management Console.

    Important! If you are accessing this graphical user interface on Windows Server 2008, open the shortcut with Administrator permissions, even if you are logged into the system as an Administrator. For more information, see the release notes for your SiteMinder component.

  2. Select the Data tab to move it to the front.
  3. In the Database drop-down list, select Key Store.
  4. In the Storage drop-down list, select LDAP.
  5. (Optional) If applicable, deselect the Use Policy Store database check box.
  6. In the LDAP Key Store group box, enter the following:
    1. In the LDAP IP Address field, enter the IP address (or host name) and port number of the LDAP directory, separated by a colon (:).

      Example: 123.123.12.12:321. If the port is not specified, SiteMinder uses port 389 as the default.

    2. In the Root DN field, enter the LDAP branch under which the SiteMinder policy store is located.

      Example: o=airius.com.

    3. In the Admin Username field, enter the DN of the LDAP directory administrator for the Policy Server being configured.

      Example: cn=Directory Manager.

    4. In the Password field, enter the LDAP directory administrator password.
    5. In the Confirm Password field, re-enter the LDAP directory administrator password.
    6. (Optional) If your system is communicating with the LDAP directory over SSL, select the Use SSL check box.
    7. Click Apply.
  7. (Optional) If you are using SSL, enter the name of the certificate database in the Netscape Certificate Database File field on the Settings tab.
  8. Click Apply to save the settings.
  9. On the Data tab, click Test LDAP Connection to verify connectivity to the LDAP directory server.
  10. Click OK to save the settings and close the Console.


Copyright © 2010 CA. All rights reserved.