|
|
| Installing And Configuring |
|
|
| Configure the |
Step | 6. | Check the “Trust the CA to identify web sites”, “Trust the CA to identify | |
|
| ||
|
| checkboxes in the Downloading Certificate window screen. Then click OK | |
|
| button. |
|
Step | 7. | The Netscape Directory CA certificate will be downloaded to the | |
|
| following two files on your | |
|
| /.mozilla/default/*.slt/cert8.db | |
|
| /.morilla/default/*.slt/key3.db | |
Step | 8. | You can simply copy the /.mozilla/default/*slt/cert8.db file to | |
|
| /etc/opt/ldapux/cert8.db and /.mozilla/default/*slt/key3.db file to | |
|
| /etc/opt/ldapux/key3.db. | |
Step | 9. | Set the file access permissions for/etc/opt/ldapux/cert7..db and | |
|
| /etc/opt/ldapux/key3.db to be read only by root as follows: | |
|
| 1 root sys 65536 Jun 14 16:27 \ | |
|
| /etc/opt/ldapux/cert8.db | |
|
| 1 root sys 32768 Jun 14 16:27 \ | |
|
| /etc/opt/ldapux/key3.db | |
NOTE
NOTE
You may use the unsupported /opt/ldapux/contrib/bin/certutil command line tool to create the certificate database files, cert8.db and key3.db. For detailed command options and their arguments, see Using the Certificate Database Tool available at http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html.
If your browser does not generate cert7.db or cert8.db and key3.db security database files, you must export the certificate (preferably the root certificate of the Certificate Authority that signed the LDAP server’s certificate) from your certificate server as a
Chapter 2 | 43 |