KU 4: A simple certificate authority configured in this way should only be used for testing purposes on one of the application computer of Lotus Sametime system. The freely available software OpenSSL is used for configuration. This software is usually pre-installed with each Linux operating system.
The certificate authority configured in this way should only be used for testing purposes.
Use for testing purposes is because the following restrictions:
A certificate authority should always be configured and operated on a separate computer system.
Passwords should not be transferred via a command console.
The random generator used in the following should better be pre-set for a certificate authority.
The certificate authority is configured in the following steps:
Preparing the Certificate AuthorityParent topic: Certificate Strategy Overview
Creating self-signed Root Certificates.
How to Prepare Certificate Authority
The certificate authority is configured on an application computer of Lotus Sametime system. This requires creating a working directory for the certificate authority on the application computer, e. g. the following setup directory: <the frameworkHome>/common/conf/ca. Various files of the certificate authority are stored in this working directory.
How to Create Self-Signed Root Certificates
A signed root certificate of the certificate authority is required to have individual keys signed by the certificate authority at a later date.