You can configure an SSL connection.
To configure SSL
Note: The CD is entitled "InJoin Directory Server Secure Sockets Layer Option for Microsoft Windows NT". Despite the name, Solaris support is included.
admin>m_read_lkey
read:
read result:
Entry information:
Name: root
Attribute type = licenseKey
Maximum number of entries: 20000
Demonstration expiry time: 06 August 2002
Instance: 8192
Options:
Shadowing enabled
Enterprise iCon enabled
SSL enabled
Result = OK
Example:
"odscertreq -rnd random -str 1024 -alg rsa -enc pem -prv pkfile.p8 -pass password -req test.req -dn cn=server.icarus.com"
Specifies the name of the file that was created in the previous step.
Specifies the name of the file containing the private key that is created in this step.
Specifies the password.
Specifies the name of the CSR file that is created in this step.
Specifies the dn of the server.
The CA creates a server certificate.
odscertconv -certificate servercert.crt -certificate rootcert.crt -pkcs8 pkfile.p8 password toPEM -pkcs12 cert.p12 firewall
Specifies the name of the file that contains the server certificate created by the CA.
Specifies the name of the file containing the root certificate from the CA.
Specifies the name of the file that contains the private key.
Specifies the password.
Specifies the name of the identity file that is created by odscertconv.
An identity file is created for the SSL/IDS configuration.
Example: cert.p12
Example: password
Note: If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |