Sun Identity Manager 8.1 Business Administrator's Guide

ProcedureTo Enable Server-Side Configuration for Signed Approvals Using PKCS12

The following configuration information is for signed approvals using PKCS12. Obtain a certificate and private key, and then export them to a PKCS#12 keystore. For example, if using a Microsoft CA, you would follow steps similar to these:

Before You Begin

Identity Manager now requires at least JRE 1.5.

  1. Using Internet Explorer, browse to http://IPAddress/certsrv and log in with administrative privileges.

  2. Select Request a certificate, and then click Next.

  3. Select Advanced request, and then click Next.

  4. Click Next.

  5. Select User for Certificate Template.

  6. Select these options:

    1. Mark keys as exportable.

    2. Enable strong key protection.

    3. Use local machine store.

  7. Click Submit, and then click OK.

  8. Click Install this certificate.

  9. Select Run -> mmc to launch mmc.

  10. Add the Certificate snap-in:

    1. Select Console -> Add/Remove Snap-in.

    2. Click Add.

    3. Select Computer account.

    4. Click Next, and then click Finish.

    5. Click Close.

    6. Click OK.

    7. Go to Certificates -> Personal -> Certificates.

    8. Right-click Administrator All Tasks -> Export.

    9. Click Next.

    10. Click Next to confirm exporting the private key.

    11. Click Next.

    12. Provide a password, and then click Next.

    13. File CertificateLocation.

    14. Click Next, and then click Finish. Click OK to confirm.

      Note –

      Note the information that you use in step 10l (password) and 10m (certificate location) of the client-side configuration. You will need this information to sign approvals.