Importing Trusted Roots - Novell eBook Reader Administration Manual

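NOTE: If you are using a different port rather than a different IP address for the common domain, you need to
add the port to the Allow Introductions Common Domain in the site configuration using iManager.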

Importing Trusted Roots

Your well-known trusted roots file is located at C:\Program Files\Novell\jre\lib\security\cacerts. If
any service provider uses SSL and the service provider's certificates are signed by a certificate
authority that is not in this keystore, you need to import the trusted root from the service
provider's certificate into this keystore. Use the following command (entered on one line) to import
the service provider's trusted root into the keystore:

"C:\Program Files\Novell\jre\bin\keytool" -import -v -file <trustedroot.crt> -alias serviceprovidertrustedroot -keystore "C:\Program Files\Novell\jre\lib\security\cacerts" -storepass changeit

where <trustedroot.crt> is replaced with the path and file name of your service provider's trusted
root file.
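
The import above makes the certificate a trust anchor for every SSL connection this JRE makes, so the file should be checked before it goes in. The PowerShell script below is an added example, not part of the Novell manual: it compares the certificate's SHA-256 fingerprint with a value obtained from the service provider out of band, backs up cacerts, runs the same keytool import, and confirms the alias is present. The parameter names, the backup file name and the use of -noprompt are choices made for this example.

```powershell
# Added example (not from the Novell manual): verify a trusted root before importing it.
param(
    [Parameter(Mandatory = $true)][string]$CertFile,        # path to <trustedroot.crt>
    [Parameter(Mandatory = $true)][string]$ExpectedSha256,  # fingerprint obtained out of band
    [string]$Alias = 'serviceprovidertrustedroot'           # alias used in the manual's command
)
$ErrorActionPreference = 'Stop'

$JreHome   = 'C:\Program Files\Novell\jre'
$Keytool   = Join-Path $JreHome 'bin\keytool.exe'
$Keystore  = Join-Path $JreHome 'lib\security\cacerts'
$StorePass = 'changeit'   # keystore password shown in the manual's command

# Load the certificate (PEM or DER) and hash its DER encoding.
$cert     = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertFile)
$sha256   = [System.Security.Cryptography.SHA256]::Create()
$actual   = [BitConverter]::ToString($sha256.ComputeHash($cert.RawData)) -replace '-', ''
$expected = ($ExpectedSha256 -replace '[^0-9A-Fa-f]', '').ToUpper()

Write-Host "Subject : $($cert.Subject)"
Write-Host "Issuer  : $($cert.Issuer)"
Write-Host "Expires : $($cert.NotAfter)"
Write-Host "SHA-256 : $actual"

# Refuse to import anything that is not the certificate the provider vouched for.
if ($actual -ne $expected) { throw 'Fingerprint does not match the expected value; not importing.' }
if ($cert.NotAfter -lt (Get-Date)) { throw 'Certificate has expired; not importing.' }
if ($cert.Subject -ne $cert.Issuer) {
    Write-Warning 'Subject and issuer differ: this is not a self-issued root certificate.'
}

# Keep a copy of the keystore so the change can be rolled back.
Copy-Item $Keystore "$Keystore.bak-$(Get-Date -Format yyyyMMddHHmmss)"

# Same import as in the manual; -noprompt because the fingerprint was checked above.
& $Keytool -import -v -noprompt -file $CertFile -alias $Alias -keystore $Keystore -storepass $StorePass
if ($LASTEXITCODE -ne 0) { throw "keytool -import failed with exit code $LASTEXITCODE" }

# Confirm the entry is present under the expected alias.
& $Keytool -list -v -alias $Alias -keystore $Keystore -storepass $StorePass
if ($LASTEXITCODE -ne 0) { throw "Alias '$Alias' not found in $Keystore after import" }
```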
Liberty Identity Provider for Novell eDirectory
In this same file, make the following changes (bolded as shown) to the second virtual host
section for the common domain virtual host:
<VirtualHost nidp.commondomain.com:444>
#   General setup for the virtual host
DocumentRoot C:/PROGRA~1/Novell/Apache/htdocs
ServerName nidp.commondomain.com:444
#   Server Certificate:
#   Point SSLCertificateFile at a PEM encoded certificate. If
#   the certificate is encrypted, then you will be prompted for a
#   pass phrase. Note that a kill -HUP will prompt again. Keep
#   in mind that if you have both an RSA and a DSA certificate you
#   can configure both in parallel (to also allow the use of DSA
#   ciphers, etc.)
SSLCertificateFile conf/ssl/mycommonssl.crt
#SSLCertificateFile conf/ssl.crt/server-dsa.crt
#   Server Private Key:
#   If the key is not combined with the certificate, use this
#   directive to point at the key file. Keep in mind that if
#   you've both a RSA and a DSA private key you can configure
#   both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile conf/ssl/mycommonssl.key
#SSLCertificateKeyFile conf/ssl.key/server-dsa.key
#   Server Certificate Chain:
#   Point SSLCertificateChainFile at a file containing the
#   concatenation of PEM encoded CA certificates which form the
#   certificate chain for the server certificate. Alternatively
#   the referenced file can be the same as SSLCertificateFile
#   when the CA certificates are directly appended to the server
#   certificate for convenience.
SSLCertificateChainFile conf/ssl/trustedroot.crt
#SSLCertificateChainFile conf/ssl.crt/ca.crt
If you are using self-signed certificates, the last bolded line above (the SSLCertificateChainFile line) is not needed.
