To Enable Server-Side Configuration for Signed Approvals Using PKCS12

The following configuration information is for signed approvals using PKCS12. Obtain a certificate and private key, and then export them to a PKCS#12 keystore. For example, if using a Microsoft CA, you would follow steps similar to these:

Before You Begin

Identity Manager now requires at least JRE 1.5.

1. Using Internet Explorer, browse to http://IPAddress/certsrv and log in with administrative privileges.

2. Select Request a certificate, and then click Next.

3. Select Advanced request, and then click Next.

4. Click Next.

5. Select User for Certificate Template.

6. Select these options:

   1. Mark keys as exportable.

   2. Enable strong key protection.

   3. Use local machine store.

7. Click Submit, and then click OK.

8. Click Install this certificate.

9. Select Run -> mmc to launch mmc.

10. Add the Certificate snap-in:

    1. Select Console -> Add/Remove Snap-in.

    2. Click Add.

    3. Select Computer account.

    4. Click Next, and then click Finish.

    5. Click Close.

    6. Click OK.

    7. Go to Certificates -> Personal -> Certificates.

    8. Right-click Administrator All Tasks -> Export.

    9. Click Next.

    10. Click Next to confirm exporting the private key.

    11. Click Next.

    12. Provide a password, and then click Next.

    13. File CertificateLocation.

    14. Click Next, and then click Finish. Click OK to confirm.

        ---

        Note –

        Note the information that you use in step 10l (password) and 10m (certificate location) of the client-side configuration. You will need this information to sign approvals.

        ---