Managing Certificates

You can use Secure Sockets Layer (SSL) authentication to communicate securely with a directory server. Two variants are allowed:

 

 

Simple SSL authenticates the server only, whereas, Authenticated SSL authenticates both the client and the server.

 

Both variants require the client to be initialized with the trusted public certificate of the directory server, or the public certificate of the directory server's certificate authority. The trusted public certificates of servers are stored in the cacerts keystore file, located in the security directory, under JXplorer.

 

In addition to the above, Authenticated SSL requires the registration of the client's trusted public certificate (or the public certificate of the client's certificate authority) with the directory server, and use of the client's private key. Trusted public certificates and private keys of clients are stored in the clientcerts keystore file, located in the security directory, under JXplorer.

 

When you add or delete a certificate, or private key, the keystore files are updated and encrypted. You  can set a password to stop unauthorized changes to these files.

 

Related Topics

Adding a Certificate

Adding a Private Key

Deleting a Certificate

Exporting a Private Key

Setting a Keystore Password

Viewing a Certificate

 

Back to Index

© 2002 Computer Associates International, Inc. (CA)
All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.