In order to enable secure communications using the Secure Sockets Layer (SSL) protocol you need to obtain root certificates and server certificates from a certificate authority (CA). A CA root certificate proves that the particular CA issued a particular server certificate. CA root certificates are publicly available. The root certificate used in this deployment is a test certificate issued by OpenSSL and named ca.cer. You can obtain a root certificate from any commercial certificate issuer such as VeriSign, Thawte, Entrust, or GoDaddy.
The server certificates are requested within each procedure. You should know how to request server certificates from your CA of choice before beginning a deployment. The following sections are related to requesting, installing, and importing root and server certificates:
To Install a Root Certificate and a Server Certificate on Directory Server 1
To Install a Root Certificate and a Server Certificate on Directory Server 2
To Install Application Server on the OpenSSO Enterprise 1 Host Machine
To Install Application Server on the OpenSSO Enterprise 2 Host Machine
To Request a Certificate for the OpenSSO Enterprise Load Balancer
To Install a CA Root Certificate to the OpenSSO Enterprise Load Balancer
To Install the Server Certificate to the OpenSSO Enterprise Load Balancer
To Request and Install a Server Certificate and a Root Certificate for Web Server 1
To Request and Install a Server Certificate and a Root Certificate for Web Server 2
To Import the Root Certificate to the Web Server 1 JDK Certificate Store
To Import the Root Certificate to the Web Server 2 JDK Certificate Store
To Request a Certificate for the Distributed Authentication User Interface Load Balancer
To Import a Root Certificate to the Distributed Authentication User Interface Load Balancer
To Import a Certificate to the Distributed Authentication User Interface Load Balancer