Novell ACCESS MANAGER 3.1 SP1 - GATEWAY GUIDE Manual page 105

9c If the certificate is not in use by the required keystores, select the certificate, then click
Actions > Add Certificate to Keystores.
9d Click the Select Keystore icon, select ESP Mutual SSL and Proxy Key Store of the Access
Gateway, then click OK twice.
10 Configure the trust stores for the Access Gateway.
10a In the Administration Console, click Security > Certificates > Trusted Roots.
The trusted root certificate of the CA that signed the Access Gateway certificate needs to
be in the NIDP-truststore.
The trusted root certificate of the CA that signed the Identity Server certificate, needs to be
in the ESP Trust Store of the Access Gateway.
10b If you need to add a trusted root to a trust store, select the trusted root, click Add Trusted
Roots to Trust Stores.
10c Click the Trust Store icon, select the required trust store, then click OK twice.
11 If you made any keystore or trust store modifications, update the Access Gateway and the
Identity Server.
12 (Optional) Create a cluster configuration and add this server as the primary server.
Server Configuration Settings 105