Enabling SSL for the Sun ONE Directory Server Software
To Enable SSL for LDAP Queries
Double-click the Sun ONE Directory Server software (in this example it is named sunshine).
The Sun ONE Directory Server software interface appears.
Check Enable SSL for this server.
Choose the RSA cipher family by selecting the corresponding checkbox.
Select a certificate.
If there is no certificate to select, something went wrong while installing the SSL server certificate. If this happens, check the file permissions.
Set 636 as the default LDAP/SSL (LDAPS) port.
As a first step, enable Do not allow client authentication.
Do not restart the server from the Sun ONE console but from the Solaris OE shell, in order to avoid password file problems.
Restart the server in order to start the LDAP/SSL (LDAPS) service.
bash-2.03# pwd
/opt/iplanet/server5/slapd-sunshine
bash-2.03# ./stop-slapd
bash-2.03# ./start-slapd
Enter PIN for Internal (Software) Token: manager1
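
After the restart, the listener can be checked from the shell. The following is an added example, not part of the original article: it reduces openssl s_client output to the settings chosen above (certificate presented, cipher negotiated, no client certificate requested). The function names and the sample output are constructed; the host sunshine and port 636 come from the procedure.

```shell
#!/bin/sh
# Added example (not from the original article). Host "sunshine" and port 636
# come from the page; function names and the sample output are constructed.

# Reduce `openssl s_client` output (stdin) to the facts this procedure sets.
# Exit status is 0 only if a server certificate and a cipher were negotiated
# and the server did not request a client certificate.
ldaps_summary() {
    awk '
        /^subject=/ { sub(/^subject=/, ""); subject = $0; next }
        /Cipher is / { sub(/.*Cipher is /, ""); if ($0 != "(NONE)") cipher = $0; next }
        /^No client certificate CA names sent/ { auth = "not-requested" }
        /^Acceptable client certificate CA names/ { auth = "requested" }
        END {
            print "subject=" (subject == "" ? "NONE" : subject)
            print "cipher=" (cipher == "" ? "NONE" : cipher)
            print "client_auth=" (auth == "" ? "unknown" : auth)
            exit !(subject != "" && cipher != "" && auth == "not-requested")
        }'
}

# Live check; needs network access to the directory server.
check_ldaps() {
    openssl s_client -connect "${1:-sunshine}:${2:-636}" </dev/null 2>/dev/null |
        ldaps_summary
}

# Constructed s_client output for a listener configured as described above.
sample_output() {
    cat <<'EOF'
CONNECTED(00000003)
---
Server certificate
subject=/C=US/O=Example/CN=sunshine.example.com
issuer=/C=US/O=Example/CN=Example CA
---
No client certificate CA names sent
---
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
EOF
}

sample_output | ldaps_summary
```

Run check_ldaps with no arguments to query sunshine on port 636; a non-zero exit status means no certificate or cipher was negotiated, or the server asked for a client certificate.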