There seems to be a lot of info in various places on how to do it. After combing through about 12 different pages, I settled on two different ones that seems to have worked just fine. The two pages in order of use are:
- http://www.novell.com/support/viewContent.do?externalId=3033173&sliceId=1
- http://support.novell.com/docs/Tids/Solutions/10098796.html
- In order, add the Location, State and Country attributes the subject line when creating the cert in eDirectory. The resulting subject line will look like this:
- In step C3, it is the certificate that you get back from Digicert and not the one you created with iManager. It seems to me like it was asking for the one you created in the first steps.
- Do check the box that states "Waive subject name in certificate" because Digicert does modify it.
If you want to use the certificates with an eDirectory controlled app like GroupWise PO, then you need to keep the password protected version of the private key from step 7 of the 2nd TID and use it in the eDirectory configs. I tried to use one without a password but the GroupWise agents wouldn't load and complained about the use of no password (Warning - Failure in SSL startup (891D)).
I hope this helps someone else sometime :-)
Thanks for the links they were really helpful, like you i have just changed into wildcard ssl cert i did not really realise how much different they would be to installed. My advice make sure you know how to install these before buying. I spend around 3 hrs on the phone with the tech support to get my wildcard SSL to work it was a bit a pain but it has saved me lots of time.
ReplyDelete