This cool solution explains how to export the Trusted Root Certificate of the eDirectory Server, that is used for LDAP SSL authentications.

  1. Log in to the eDirectory tree (whose SSL certificate is iManager with a valid user with proper rights.
  2. Go to the ‘Directory Administration’ tab on the left panel.
  3. Click on the ‘Modify Object Link’.

  4. Click the ‘Object Selector’ and browse through the tree to find and click the ‘SSLCertificateIP’ object.

  5. Now click Ok.

  6. Go to the ‘Certificates’ tab. And select ‘Trusted Root Certificate’ underneath that.
  7. Select the ‘SSLCertificateIP’ certificate check box. If there are more than one certificate present, select the appropriate one.

  8. Click on the link ‘Export’.
  9. In the ‘Certificates’ drop down box, select ‘SSL Certificate IP’. Uncheck the ‘Export Private Key’ option.
  10. Select the ‘Export Format’ as ‘DER’ from the drop down menu. And click ‘Next’.

  11. Click on the ‘Save the exported certificate’ link and save it in your machine locally.

Later on, this certificate can be used for LDAP SSL authentication against the corresponding eDirectory server.

1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5)
You need to be a registered member to rate this post.
Loading...Loading...
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
Aug 4, 2009
12:04 pm
Reads:
3,725
Score:
5