Sun Directory Server Enterprise Edition 7.0 Administration Guide

ProcedureTo Manage Self-Signed Certificates

When you create a Directory Server instance, a default self-signed certificate is automatically provided.

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. To create a self-signed certificate with non-default settings, use this command:

    $ dsadm add-selfsign-cert instance-path cert-alias

    Where cert-alias is a name that you provide to identify your certificate.

    To see all the options for this command, see the dsadm(1M) man page or the command-line help:.

    $ dsadm add-selfsign-cert --help
  2. When your self-signed certificate expires, stop the server instance and renew the certificate.

    $ dsadm stop instance-path
    $ dsadm renew-selfsign-cert instance-path cert-alias
  3. Restart the server instance.

    $ dsadm start instance-path