2.1 Identifying the SSL Communication Channels

Access Manager has five communication channels that can be configured for SSL. Figure 2-1 illustrates these channels.

Figure 2-1 Potential SSL Communication Channels

You were instructed to set up the first channel, between the Identity Server and the LDAP servers, when you configured the user stores (see Step 10 in Section 1.3, Creating a Basic Identity Server Configuration). Configure the other channels in the order of their numeric values. You need to configure SSL between the Identity Server and the browsers before you configure SSL for the channel between the Access Gateway and the Identity Server.

The eDirectory that resides on the Administration Console is the main certificate store for all of the Access Manager components. You can use this local certificate authority (CA) to create certificates for SSL, or you can purchase certificates from a well-known certificate authority. This section describes how to use both types of certificates to enable secure communication.