If your LDAP directory server uses self-signed certificates
or other non-standard certificates, import them into the key database
file.
If your LDAP directory server uses self-signed certificates or
certificates that are not from one of the commercial Certificate Authorities
installed in the key database file, you must import them into the
key database file. Get copies of the certificates from your LDAP server
administrator.
To import a certificate into the key database file, perform the
following steps:
- If the Global Security Kit (GSKit) iKeyman GUI is not open, open
it by navigating to the \Program Files\IBM\GSK7\bin directory
and double-clicking gsk7ikm.exe.
- Click . Enter the name of the key
database file. Click OK. Enter the password
for the key database file. Click OK.
- In the Key database content area, select Signer
Certificates from the list.
- Click Add. The Add CA's Certificate from
a File window opens.
- In the Certificate file name field enter
the name and location of the certificate that you received from your
LDAP server administrator. Click OK.
- Enter a label name. Choose a name that identifies the certificate
authority. For example, you might use MYLDAP to identify the LDAP
server as the self-signed certificate authority. Click OK.
The new certificate appears in the list of signer certificates.