3b Click the Manage Reverse Proxy Trust Store icon. The auto import screen appears.
If the Access Gateway is a member of a cluster, the cluster members are listed. The Web
server certificate is imported into the trust stores of each cluster member.
3c Ensure that the IP address of the Web server and the port match your Web server
configuration.
If these values are wrong, you have entered them incorrectly on the Web server page.
Click Cancel and reconfigure them before continuing.
3d Click OK.
The server certificate, the Root CA certificate, and any certificate authority (CA)
certificates from a chain are listed.
If the whole chain is not displayed, import what is displayed. You then need to manually
import the missing parents in the chain. A parent is missing if the chain does not include a
certificate where the Subject and the Issuer have the same CN.
3e Specify an alias, then click OK.
116 Novell Access Manager 3.1 SP2 Access Gateway Guide
IMPORTANT: For an Access Gateway Service, this option is a global option. If you
select this option for one proxy service, all proxy services on an Access Gateway
Service are flagged to verify the public certificate. This verification is done even
when other proxy services are set to Do not verify.
If the Web server certificate is part of a chain of certificates, you need to enable the
SSLProxyVerifyDepth option and specify how many certificates are in the chain. For
more information about this option, see
Options for a Domain-Based Proxy Service," on page
Section 1.1.3, "Configuring Advanced
21.