To enable SSL between IBM
® running on Microsoft
™ and an LDAP server, import the server's trusted root certificate into the key database.
Before you begin
Make sure you have copied the trusted root certificate from the LDAP server into the Sametime
Community Server's data directory. The data type should be Base64-encoded ASCII
. The file format can be .CER
. You use this file in the following procedure.
About this task
Follow the steps below to import the SSL certificate into the key database on the Sametime
Parent topic: Importing a copy of the LDAP server's trusted root certificate
- Open a command prompt and navigate to the Sametime_install_root\ibm-jre\jre\bin directory.
The default installation directories for Sametime
are as follows:
- Windows: C:\Program Files\IBM\Lotus\Domino
- 64-bit Windows: C:\Program Files (x86)\IBM\Lotus\Domino
- Start the IKeyMan utility by running the ikeyman.exe program.
- Browse to and select the key.kdb key database.
- Enter the password required to access this file.
- In the "Key database content" area, select Signer certificates.
- Click the Add button.
- In the "Open" dialog box, do the following:
- Browse to and select the file into which you copied the SSL certificate in the last procedure (for example, CA.txt).
- Click OK.
- In the "Enter a Label" dialog box, do the following:
- Type a label for the certificate.
This label identifies the certificate in the Signer Certificates list of the IBM IKeyMan program.
- Click OK.
The new certificate's label appears in the list of Signer Certificates.
- Close the keystore file.
- Close the IKeyMan utility.