Importing self-signed certificates

If your LDAP directory server uses self-signed certificates or other non-standard certificates, import them into the key database file.

If your LDAP directory server uses self-signed certificates or certificates that are not from one of the commercial Certificate Authorities installed in the key database file, you must import them into the key database file. Get copies of the certificates from your LDAP server administrator.

To import a certificate into the key database file, perform the following steps:

  1. If the Global Security Kit (GSKit) iKeyman GUI is not open, open it by navigating to the \Program Files\IBM\GSK7\bin directory and double-clicking gsk7ikm.exe.
  2. Click Key Database File > Open. Enter the name of the key database file. Click OK. Enter the password for the key database file. Click OK.
  3. In the Key database content area, select Signer Certificates from the list.
  4. Click Add. The Add CA's Certificate from a File window opens.
  5. In the Certificate file name field enter the name and location of the certificate that you received from your LDAP server administrator. Click OK.
  6. Enter a label name. Choose a name that identifies the certificate authority. For example, you might use MYLDAP to identify the LDAP server as the self-signed certificate authority. Click OK. The new certificate appears in the list of signer certificates.

Feedback