Access Manager has five communication channels that can be configured for SSL. Figure 3-1 illustrates these channels.
Figure 3-1 Potential SSL Communication Channels
The channels need to be configured according to their numeric values. You need to configure SSL between the Identity Server and the LDAP server before you configure SSL between the Identity Server and the browsers. The Identity Server must be configured for SSL before you configure the channel between the Access Gateway and the Identity Server for SSL.
The following procedures assume that you want to set up a new system using certificates created by the Access Manager Certificate Authority. To modify an existing system to use SSL, see NetIQ Access Manager 3.1 SP5 Setup Guide. To use certificates signed by an external CA, see NetIQ Access Manager 3.1 SP5 Setup Guide.
This section describes the following tasks: