Netscape MANAGEMENT SYSTEM 4.5 Installation And Setup Manual page 623

In the Client Authentication section, select the "Allow client authentication"
6.
option.
Be sure not to select the "Require client authentication" option. If you do,
Netscape Console will not be able to communicate with the directory.
Click Save.
7.
You are be prompted to restart the server. Don't restart the server yet; you can
do this after you've made all the configuration changes.
Publishing Over SSL With Client Authentication
For the Certificate Manager to publish to the directory with SSL client
authentication, Directory Server must:
• Contain an SSL server certificate in its certificate database
• Trust the CA that issued its SSL server certificate
• Trust the CA that issued the certificate the Certificate Manager will use for SSL
client authentication
• Use a valid, secure port number for communication with the Certificate
Manager
• Have SSL-enabled communication turned on in its configuration
The steps that follow explain how you can configure Directory Server for all of the
above.
Check the Directory Server's certificate database.
1.
Before getting an SSL server certificate, determine whether Directory Server
already has an SSL server certificate installed in its certificate database and
whether you want Directory Server to use the same certificate during the SSL
handshake.
To check the Directory Server's certificate database:
Go to the Directory Server window.
a.
Select the Tasks tab.
b.
From the Console menu, choose the Manage Certificates option.
c.
The Certificate Management dialog box appears showing a list of all the
certificates installed for Directory Server.
Configuring a Certificate Manager to Publish Certificates and CRLs
Chapter 19 Setting Up LDAP Publishing 623