Purchase a Certificate Authority-signed certificate for
secure Connections betweenSametime® Gateway Server
and other instant messaging providers.
About this task
The CA certificate installed on Sametime Gateway Server
must conform to RFC 3280 certificate standards. The CA certificate
can be a root certificate or an intermediary certificate. When requesting
a certificate, check with the vendor to make sure that the certificate
supports both TLS Web Server Authentication and TLS Web Client Authentication.
Some certificate authorities provide certificates that support server
authentication only or client authentication only. Certificates must
include both server and client authentication EKU flags. Thawte certificates
meet these standards. It is your responsibility to make sure that
the certificate supports both.
Procedure
- Review the list of Certificate Authorities recognized by
AOL and XMPP.
- Purchase a certificate that supports both client and server
authentication.