6.1 Prerequisites

Before proceeding with installing SecureLogin in the LDAP environment, ensure that the following prerequisites are met:

NOTE:The instructions apply to the standard architecture of the directory managed using an administration workstation.

  • Ensure that you meet the hardware and software requirements listed in the SecureLogin 8.8 Quick Start Guide

  • Ensure that you provide the valid root CA certificate on every workstation during SecureLogin installation. The installation fails if the valid root CA certificate is not specified. When you install or migrate SecureLogin in LDAP environment, ensure that certificates used are certified by Certification Authority (CA). Server Certificates are installed and available on your LDAP server. For more information on how to export certificates from iManager, see Exporting Certificates from eDirectory Using iManager.

    IMPORTANT:Ensure that the Subject Name or Subject Alternative Name of the certificate in eDirectory matches with the SecureLogin LDAP server name. If it does not match, create a new eDirectory certificate with the custom option in iManager.

  • Have administrator access to the server, directory, and administration workstation.

  • If you intend to enable single sign-on for Java applications, install Java 1.7 or 1.8 on workstations prior to installing SecureLogin. You can download this from the Java Web site.

  • Back up the existing directory.

  • From SecureLogin 8.8 onwards, TLS 1.2 is utilized for secured communication over the networks. It is not recommended to use TLS 1.1 because it is less secure than TLS 1.2. However, if your environment does not allow using TLS 1.2, see Enabling TLS 1.1 In SecureLogin 8.8.

6.1.1 Exporting Certificates from eDirectory Using iManager

Perform the following steps to export certificates from eDirectory using iManager:

  1. Login to iManager as an eDirectory administrator.

  2. Click Roles and Tasks > NetIQ Certificate Access > Server Certificates.

  3. Select the certificate that you want to export.

  4. Click Export.

  5. In the Certificates list, select CA.

  6. In the Export format list, select BASE64.

  7. Click Next.

  8. Click Save the exported certificate.