Problem

A Forum reader recently asked:

“I have 3rd party certificate that I want to import into eDirectory. The CA who signed the CSR sent the following files:

a. signedcertificate.der.cer
b. signedcertificate.pem.cer
c. signedcertificate.p7c
d. rootCA_b64.cer
e. intermediateCA_b64.cer

The CSR was NOT created using eDirectory. It was generated using openssl on a SLES10 server:

Original CSR file = domain.csr
KEY file = domain.key
Original Passphrase is available as is a “random” file used to generate the key file.

I have studied the documentation and TIDs, and they all assume that the CSR was generated in eDirectory and thereby an associated KMO was created. I have no KMO in eDirectory for this certificate. How do import this certificate into eDirectory?”

Solution

There are basically four things you need to do:

1. Make a PEM file.

2. Run openssl on the .pem file.

3. Import the .pfx file into eDirectory.

4. Apply certs to both instances of Apache (Remote manager and iManager).

For details, take a look at the following link:

http://myfiles.hmdc.harvard.edu/certificate.html

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Loading...Loading...
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: coolguys
Apr 16, 2008
6:58 am
Reads:
1,151
Score:
Unrated