Purchase a Certificate Authority-signed certificate for secure connections between Sametime
® Gateway and other instant messaging providers.
About this task
The CA certificate installed on Sametime
Gateway must conform to RFC 3280 certificate standards. The CA certificate can be a root certificate or an intermediary certificate. When requesting a certificate, check with the vendor to make sure that the certificate supports both TLS Web Server Authentication and TLS Web Client Authentication. Some certificate authorities provide certificates that support server authentication only or client authentication only. Certificates must include both server and client authentication EKU flags. Thawte certificates meet these standards. It is your responsibility to make sure that the certificate supports both.
Parent topic: Setting up SSL on a cluster
Next topic: Creating a new keystore
- Review the list of Certificate Authorities recognized by AOL and XMPP.
- Purchase a certificate that supports both client and server authentication.