A Forum reader recently asked:
“I have 3rd party certificate that I want to import into eDirectory. The CA who signed the CSR sent the following files:
The CSR was NOT created using eDirectory. It was generated using openssl on a SLES10 server:
Original CSR file = domain.csr
KEY file = domain.key
Original Passphrase is available as is a “random” file used to generate the key file.
I have studied the documentation and TIDs, and they all assume that the CSR was generated in eDirectory and thereby an associated KMO was created. I have no KMO in eDirectory for this certificate. How do import this certificate into eDirectory?”
There are basically four things you need to do:
1. Make a PEM file.
2. Run openssl on the .pem file.
3. Import the .pfx file into eDirectory.
4. Apply certs to both instances of Apache (Remote manager and iManager).
For details, take a look at the following link:
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.