If your LDAP directory server uses self-signed certificates or
other non-standard certificates, import them into the key database file.
If
your LDAP directory server uses self-signed certificates or certificates that
are not from one of the commercial Certificate Authorities installed in the
key database file, you must import them into the key database file. Get copies
of the certificates from your LDAP server administrator.
To import a certificate into the key database file, perform the following
steps:
- If the Global Security Kit (GSKit) iKeyman GUI is not open, open it by
navigating to the \Program Files\IBM\GSK7 directory and double-clicking gsk7ikm.exe.
- Click . Enter the name of the key database file. Click OK.
Enter the password for the key database file. Click OK.
- In the Key database content area, select Signer
Certificates from the list.
- Click Add. The Add CA's Certificate from a File
window opens.
- In the Certificate file name field enter the name
and location of the certificate that you received from your LDAP server administrator.
Click OK.
- Enter a label name. Choose a name that identifies the certificate authority.
For example, you might use MYLDAP to identify the LDAP server as the self-signed
certificate authority. Click OK. The new certificate
appears in the list of signer certificates.