If your LDAP directory server uses self-signed certificates
or certificates that are not from one of the commercial certificate
authorities installed in the key database file, then you must import
the certificates into the key database file. Get copies of these certificates
from your LDAP server administrator.
Procedure
- If the Global Security Kit (GSKit) iKeyman utility is not
open, navigate to the
\IBM\HTTPServer\bin
directory
and double-click ikeyman.bat. - Click .
- Enter the name of the key database file. Click OK.
- Enter the password for the key database file. Click OK.
- In the Key database content area,
select Signer Certificates from the list.
- Click Add.
The Add
CA's Certificate from a File window opens.
- In the Certificate file name field,
enter the name and location of the certificate that you received from
your LDAP server administrator. Click OK.
- Enter a label name. Choose a name that identifies the certificate
authority. For example, you might use MYLDAP to
identify the LDAP server as the self-signed certificate authority.
- Click OK.
The
new certificate appears in the list of signer certificates.