Red Hat Directory Server 8.0 Administrator's Guide
text file, and paste it in this field.
4. Check that the certificate information displayed is correct, and click Next.
5. Give a name to the certificate, and click Next.
6. Provide the password that protects the private key. This password is the same as the one
provided in step 5 in Section 2.1, “Step 1: Generate a Certificate Request”.
After installing the server certificate, configure the Directory Server to trust the CA which issued
the server's certificate.
2.4. Step 4: Trust the Certificate Authority
Configuring the Directory Server to trust the certificate authority consists of obtaining the CA's
certificate and installing it into the server's certificate database. This process differs depending
on the certificate authority. Some commercial CAs provide a web site that allows users to
automatically download the certificate. Others will email it back to users.
After receiving the CA certificate, use the Certificate Install Wizard to configure the Directory
Server to trust the certificate authority.
1. In the Directory Server Console, select the Tasks tab, and click Manage Certificates.
2. Go to the CA Certs tab, and click Install.
3. If the CA's certificate is saved to a file, enter the path in the field provided. Alternatively, copy
and paste the certificate, including the headers, into the text box. Click Next.
4. Check that the certificate information that opens is correct, and click Next.
5. Name the certificate, and click Next.
6. Select the purpose of trusting this certificate authority; it is possible to select both options:
• Accepting connections from clients (Client Authentication). The server checks that the
client's certificate has been issued by a trusted certificate authority.
• Accepting connections to other servers (Server Authentication). This server checks that the
directory to which it is making a connection (for replication updates, for example) has a
certificate that has been issued by a trusted certificate authority.
7. Click Done.
Once both the server and CA certificates are installed, it is possible to configure the Directory
Server to run in TLS/SSL. However, Red Hat recommends verifying that the certificates have
been installed correctly.
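One way to check the result of step 6 after installation, as an added example that is not part of the guide: it parses the listing printed by the NSS `certutil -L -d <certificate database directory>` command and compares the CA's SSL trust flags with the purposes selected in the wizard. It assumes the NSS flag meanings `T` (trusted to issue client certificates) and `C` (trusted to issue server certificates); the listing, nicknames and function names are constructed for illustration.

```python
import re

# Constructed sample of `certutil -L -d <certificate database directory>` output.
SAMPLE_LISTING = """\
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Example CA                                                   CT,,
Replication Peer CA                                          C,,
Server-Cert                                                  u,u,u
"""

# A row is a nickname followed by three comma-separated trust flag fields.
ROW_RE = re.compile(r"^(?P<nick>\S.*?)\s+(?P<ssl>[A-Za-z]*),[A-Za-z]*,[A-Za-z]*\s*$")

# NSS SSL trust flags mapped to the wizard's two purposes (assumed mapping).
FLAG_TO_PURPOSE = {"T": "client", "C": "server"}


def parse_listing(text):
    """Return {nickname: SSL trust flags} for every certificate row."""
    rows = {}
    for line in text.splitlines():
        match = ROW_RE.match(line)
        if match:
            rows[match.group("nick")] = match.group("ssl")
    return rows


def check_ca_trust(text, nickname, intended):
    """Compare a CA's SSL trust flags with the purposes chosen in step 6.

    Returns (missing, extra): purposes that were intended but are not
    trusted, and purposes that are trusted but were not intended.
    Raises KeyError if the nickname is not in the database listing.
    """
    flags = parse_listing(text)[nickname]
    trusted = {p for f, p in FLAG_TO_PURPOSE.items() if f in flags}
    return sorted(set(intended) - trusted), sorted(trusted - set(intended))


if __name__ == "__main__":
    for nick, want in [("Example CA", {"client", "server"}),
                       ("Replication Peer CA", {"client", "server"})]:
        missing, extra = check_ca_trust(SAMPLE_LISTING, nick, want)
        print(f"{nick}: missing={missing} extra={extra}")
```

A non-empty `extra` list means the CA is trusted for a purpose that was not intended, which is worth correcting as much as a missing one.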