9.5 Configuring Audit for iManager in Strict Mode

  1. Create a user certificate for iManager using eDirectory. For more information, see Creating User Certificates in the NetIQ eDirectory Administration Guide.

  2. Export the certificate to .pfx format. For more information, see Importing a Public Key Certificate into a User Object in the NetIQ eDirectory Administration Guide.

  3. Extract the private key to imanipkey.pem and the certificate to imanicert.pem. Copy the generated files (imanicert.pem and imanipkey.pem) to the respective locations on the iManager server.

    For Windows:

    • c:\windows\imanicert.pem

    • c:\windows\imanipkey.pem

    For Linux:

    • /etc/imanicert.pem

    • /etc/imanipkey.pem

    Use the following commands to extract the private key and certificate:

    • To extract private key: openssl pkcs12 -in imanP12File.pfx -nocerts -out imanipkey.pem -nodes

    • To extract certificate: openssl pkcs12 -in imanP12File.pfx -clcerts -nokeys -out imanicert.pem

  4. Copy the CA certificate (SSCert.pem) of the eDirectory server from /var/opt/novell/eDirectory/data and add it to the keystore file of the Audit Connector using the following command:

    /keytool -importcert -file SSCert.pem -keystore audit_keystore -alias "eDir-CA"

  5. Import the audit_keystore file into the Audit Connector, which is set to Strict Mode on the Sentinel server.

  6. Configure iManager for auditing and restart Tomcat. For more information, see Enabling Novell Auditing in iManager.
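
The extraction in step 3 can be scripted so that the unencrypted private key (the effect of -nodes) is written owner-only and is checked against the certificate before the files are put in place. The following is an added example, not part of the NetIQ documentation: the function names and the PFX_PASS environment variable (used to pass the .pfx password non-interactively) are assumptions, while the file names are those from step 3.

```shell
#!/bin/sh
# Added example (not NetIQ's script). File names come from step 3;
# PFX_PASS and the function names are assumptions made for this sketch.

# Split the .pfx ($1) into imanipkey.pem and imanicert.pem inside directory $2.
extract_iman_pem() {
    pfx=$1; outdir=$2
    mkdir -p "$outdir" || return 1
    # -nodes leaves the private key unencrypted on disk, so create the
    # output files under umask 077 (owner read/write only).
    (
        umask 077
        openssl pkcs12 -in "$pfx" -nocerts -nodes \
            -passin env:PFX_PASS -out "$outdir/imanipkey.pem" &&
        openssl pkcs12 -in "$pfx" -clcerts -nokeys \
            -passin env:PFX_PASS -out "$outdir/imanicert.pem"
    ) || return 1
    # Also tighten the mode if the key file already existed before this run.
    chmod 600 "$outdir/imanipkey.pem"
}

# Succeeds only if the private key ($1) and certificate ($2) carry the
# same public key, i.e. the two PEM files really belong together.
key_matches_cert() {
    from_key=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    from_cert=$(openssl x509 -in "$2" -pubkey -noout 2>/dev/null) || return 1
    [ -n "$from_key" ] && [ "$from_key" = "$from_cert" ]
}

# Usage: PFX_PASS=... sh split_pfx.sh imanP12File.pfx /etc
if [ $# -eq 2 ]; then
    extract_iman_pem "$1" "$2" || { echo "extraction failed" >&2; exit 1; }
    key_matches_cert "$2/imanipkey.pem" "$2/imanicert.pem" ||
        { echo "key and certificate do not match" >&2; exit 1; }
    echo "wrote $2/imanipkey.pem and $2/imanicert.pem"
fi
```

The script covers the Linux paths only; the account that runs iManager must still be able to read both files.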