Importing a trusted root certificate on AIX, Linux, SolarisAdded by IBM on November 23, 2011 | Version 1 (Original)
|To enable SSL between IBM® Sametime® running on IBM AIX®, Linux™, or Solaris and an LDAP server, import the server's trusted root certificate into the key database.
To enable SSL between IBM
® running on IBM AIX
™, or Solaris and an LDAP server, import the server's trusted root certificate into the key database.
Before you begin
Make sure you have copied the trusted root certificate from the LDAP server into the Sametime
Community Server's data directory. The data type should be Base64-encoded ASCII
. The file format can be .CER
. You use this file in the following procedure
About this task
Follow the steps below to import the SSL certificate into the key database on the Sametime
Parent topic: Importing a copy of the LDAP server's trusted root certificate
- Verify that the ikeyman.sh file's SAMETIME_HOME variable specifies the correct path for your server's installation directory, modifying it as needed.
The default installation directories for Sametime
are as follows:
- AIX: /local/notes/data
- Linux: /local/notes/data
- Solaris: /local/notes/data
- Make sure the ikeyman.sh file has execute privileges.
- Start the ikeyman.sh utility.
The ikeyman.sh utility requires a graphical interface. If you run it in a text-only terminal, be sure to redirect the display to an x-windows session.
- Open the key.kdb file.
- Click the Add button.
- In the "Open" dialog box, do the following:
- Browse to and select the file into which you copied the SSL certificate in the last procedure (for example, CA.txt).
- Click OK.
- In the "Enter a Label" dialog box, do the following:
- Type a label for the certificate.
This label identifies the certificate in the Signer Certificates list of the IBM IKeyMan program.
- Click OK.
The new certificate's label appears in the list of Signer Certificates.
- Close the keystore file.
- Close the IKeyMan utility.