Creating A Root Certificate For The Secure Logging Server; Creating A Self-Signed Root Certificate For The Secure Logging Server; Using A Third-Party Root Certificate For The Secure Logging Server - Novell IDENTITY MANAGER 3.6. - INTEGRATION Integration Manual

For novell audit

6.3 Creating a Root Certificate for the Secure Logging Server
The certificate key pair used by the Secure Logging Server is the logging system's Certificate
Authority (CA); that is, it is the trusted root certificate that is used to validate all other Novell Audit
logging application certificates. By default, this certificate is self-signed. However, you can use a
certificate signed by a third-party CA.
The following sections review the process required to generate a self-signed root certificate and how
to use a third-party root certificate for the Secure Logging Server.
Section 6.3.1, "Creating a Self-Signed Root Certificate for the Secure Logging Server"
Section 6.3.2, "Using a Third-Party Root Certificate for the Secure Logging Server"
6.3.1 Creating a Self-Signed Root Certificate for the Secure Logging Server
To generate a self-signed root certificate for the Secure Logging Server by using the internal Novell
Audit CA, use the following AudCGen command:
audcgen ss [-cacert:filename] [-capkey:filename] [-bits:number] [-f]
For example:
audcgen ss -cacert:slscert.pem -capkey:slspkey.pem -bits:512 -f
The -ss parameter creates a self-signed root certificate that can then be used to generate the
certificate key pair for each logging application. For more information on generating the key pair,
see "Creating Logging Application Certificates."
6.3.2 Using a Third-Party Root Certificate for the Secure Logging Server
To use a certificate signed by a third-party CA, you must do the following:
1 Use AudCGen to generate a CSR that can be signed by a third-party CA.
The command syntax is as follows:
audcgen csr [-csrfile:filename] [-csrpkey:filename] [-bits:RSA_key_size]
For example:
audcgen csr -bits:512 -csrfile:slscsr.pem -csrpkey:slspkey.pem
For more information, see Section 6.2, "The Novell Audit AudCGen Utility."
2 Take the slscsr.pem file and submit it to a third-party CA for signature, or sign it by using
your internal certificate server.
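The command examples above pass -bits:512, and RSA keys of that size have been practical to factor for years, so it is worth checking what a file such as slscsr.pem or slscert.pem actually contains before it is submitted to a CA or deployed. The script below is an added example, not part of the Novell manual or of AudCGen: it reads a PEM CSR or certificate with the openssl command-line tool, reports the key size, confirms that a CSR's own signature verifies, and notes whether a certificate is self-signed. It assumes RSA keys and that openssl is installed; the 2048-bit MIN_BITS threshold and the function names are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the Novell manual). Assumes the openssl CLI is installed.
# MIN_BITS is this example's policy threshold, not a value taken from the manual.
MIN_BITS=${MIN_BITS:-2048}

# pem_kind FILE: print "csr" or "cert" according to the PEM header; fail otherwise.
pem_kind() {
    if grep -q -- 'CERTIFICATE REQUEST-----' "$1"; then echo csr
    elif grep -q -- 'BEGIN CERTIFICATE-----' "$1"; then echo cert
    else return 1
    fi
}

# key_bits FILE: print the public key size in bits as reported by openssl.
key_bits() {
    case "$(pem_kind "$1")" in
        csr)  openssl req  -in "$1" -noout -text 2>/dev/null ;;
        cert) openssl x509 -in "$1" -noout -text 2>/dev/null ;;
    esac | sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

# is_self_signed CERT: succeed when subject and issuer names match (name check only).
is_self_signed() {
    s=$(openssl x509 -in "$1" -noout -subject 2>/dev/null | sed 's/^subject= *//')
    i=$(openssl x509 -in "$1" -noout -issuer 2>/dev/null | sed 's/^issuer= *//')
    [ -n "$s" ] && [ "$s" = "$i" ]
}

# check_pem FILE: print one verdict line; return 0 only when the file passes.
check_pem() {
    kind=$(pem_kind "$1") || { echo "$1: not a PEM certificate or CSR"; return 2; }
    bits=$(key_bits "$1")
    [ -n "$bits" ] || { echo "$1: cannot read key size"; return 2; }
    # A CSR carries a signature made with its own private key; confirm it verifies.
    if [ "$kind" = csr ] && ! openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK'; then
        echo "$1: CSR self-signature does not verify"; return 1
    fi
    if [ "$bits" -lt "$MIN_BITS" ]; then
        echo "$1: WEAK $kind, $bits-bit key (minimum $MIN_BITS)"; return 1
    fi
    note=""
    if [ "$kind" = cert ] && is_self_signed "$1"; then note=" self-signed"; fi
    echo "$1: OK$note $kind, $bits-bit key"
}

# Usage: sh check_pem.sh slscsr.pem slscert.pem
rc=0
for f in "$@"; do check_pem "$f" || rc=1; done
[ "$rc" -eq 0 ]
```

Run with the files as arguments; the exit status is non-zero if any file is rejected, so the check can gate a deployment step.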
Securing the Connection with Novell Audit
