Ensure that the IBM
® i LDAP client trusts the SSL certificate used by the LDAP server with which it communicates.
About this task
Sametime for IBM
i uses the LDAP client included with the IBM
Directory Server that is installed as part of the IBM
i operating system. Enable the LDAP client to trust the LDAP server by importing the server's SSL certificate into the store on the client (the IBM
i server) and then adding the Certificate Authority to the trust list.
Parent topic: Installing and setting up Digital Certificate Manager on IBM i
Previous topic: Installing Digital Certificate Manager
Next topic: Ensuring that Sametime has access to the *SYSTEM certificate store
- Use the DCM (Digital Certificate Manager) program to determine whether the CA Certificate that signed the LDAP directory server's certificate is already included in the DCM *SYSTEM certificate store.
Well-known public Internet Certificate Authorities (CA) that most web browsers can recognize readily, such as VeriSign, are already included in the DCM. If the appropriate CA is included in the certificate store, you have finished this task; skip the remaining steps.
If the CA used by your LDAP server's certificate does not appear in the DCM *SYSTEM certificate store, import it now by completing the remaining steps in this procedure.
- Import the LDAP directory server's certificate into the DCM *SYSTEM certificate store.
- Use DCM to add the CA Certificate to the trust list of the IBM Directory Server LDAP client application.
The application ID is QIBM_GLD_DIRSRV_CLIENT.