This section contains a description of the security parameters unique to the SAP Portal driver.
For additional information about securing your Identity Manager system, see the NetIQ Identity Manager Security Guide.
To increase security, use the following procedure to configure the SAP Portal driver to communicate over HTTPS, then create a secure connection for it to use.
To create a secure connection:
Create a server certificate in Identity Console:
Click Certificate Management > Server Certificate Management.
Click + to create server certificate.
Specify the server and a certificate nickname.
Select Standard as the creation method, then click Next.
Click OK.
Export this self-signed certificate from the certificate authority in eDirectory.
Click Certificate Management > CA Management.
On the Certificates tab, select the check box for the certificate you have created.
Click Export CA Certificate.
Depending on the client to be accessing the Web service, select either the export format, DER or Base64 for the certificate, then click OK.
Click Save the exported file.
Save the downloaded certificate to a known location in your computer.
Import the self-signed certificate into the client’s trust store:
Use the keytool executable that is included with any Java JDK.
For more information on keytool, see Keytool - Key and Certificate Management Tool.
Import the certificate into your trust store or create a new trust store by entering the following command at a command prompt:
keytool -import -file name_of_cert_file -trustcacerts -noprompt -keystore filename -storepass password
For example:
keytool -import -file tree_ca_root.b64 -trustcacerts -noprompt -keystore dirxml.keystore -storepass novell
Configure the Subscriber channel to use the trust store you created in Step 3:
In Identity Console, click the IDM Administration tile.
On the Driver Dashboard, click the driver’s icon.
Select Configuration > Subscriber Settings.
Specify the path to the trust store you created in Step 3 in the Truststore file field.
Save.