The web service, whether apache or IIS, must be configured to use a minted certificate. This certificate can be provided by a trusted ROOT Certificate authority or your local Directory service (Active Directory or eDirectory). I will list the steps for IIS and using eDirectory as the trusted ROOT Certificate source.
Minting a Certificate on IIS
I am going to give a quick overview as full details are provided in the Novell Documentation.
- Generate a Certificate request from the IIS administration page.
- Going to Consoleone or iManager generate a certificate response
- IIS Administration page provide certificate response.
- Export the eDirectory ROOT CA (Security container, Self signed .DER file)
- Import the ROOT CA into the local workstation
- Import the certificate from the MiddleTier server into the workstation. (It is critical that the certificate be placed in the local Computer store. Do not let the certificate wizard place the certificate for you)
