When A User Accesses A Resource, The Browser Displays Certificate Errors; Access Gateway Canceled Certificate Modifications; A Device Reports Certificate Errors; Section B.5, "When A User Accesses A Resource, The Browser Displays Certificate Errors - Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION Manual

Administration console guide

Hide thumbs Also See for ACCESS MANAGER 3.1 SP1 - ADMINISTRATION:

Manual (208 pages)

Installation manual (42 pages)

Quick start manual (24 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

B.5 When a User Accesses a Resource, the

Browser Displays Certificate Errors

When you configure the Identity Server to use SSL (the HTTPS protocol), the browser must be

configured to trust the CA that created the certificate for the Identity Server. If you use a well-known

CA, the browser is usually already configured to trust certificates from the CA. If you use a less-

known CA or the Access Manager CA to create the certificate, you need to import the public key of

the trusted root certificate into the browsers to establish the trust. For the Access Manager CA, this

certificate is called configCA.

For instructions on how to export the public key of a trusted root certificate, see

Certificate" on page

To import a public key into the browser, access the certificate options, then follow the prompts:

For Internet Explorer 7, click Tools > Internet Options > Content > Certificates > Trusted Root

Certification Authorities > Import.

For Firefox 2, click Tools > Options > Advanced > Encryption > View Certificates > Authorities

> Import.

B.6 Access Gateway Canceled Certificate

Modifications

An Access Gateway has the following issue when canceling changes to certificate modifications:

If you make certificate changes on the Reverse Proxy or the Web Servers page, click the

Configuration Panel link, and then cancel the changes on the Configuration page, the Reverse Proxy

is configured with an invalid certificate.

To correct the problem, return to the page and select the old certificate. As soon as you exit the page,

the certificate is pushed to the device. Because you did not change the certificate, you do not need to

restart the Embedded Service Provider.

B.7 A Device Reports Certificate Errors

After you restore a device, especially the Administration Console, the device might report certificate

errors. To fix these errors, you need to re-push the certificates from the Administration Console to

the device:

1 Click Auditing > Troubleshooting > Certificates.

2 Select the store that is reporting errors, then click Re-push certificates.

You can select multiple stores at the same time.

3 (Optional) To verify that the re-push of the certificates was successful, click Security >

Command Status.

114 Novell Access Manager 3.1 SP1 Administration Console Guide

59.

"Exporting a Public

Table of Contents

Chapters

Table of Contents

Chapters

Troubleshooting

Related Manuals for Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Related Content for Novell ACCESS MANAGER 3.1 SP1 - ADMINISTRATION

Table of Contents