To Create a Non-default Self-Signed Certificate for Directory Proxy Server (Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide)

Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide

To Create a Non-default Self-Signed Certificate for Directory Proxy Server

When you create a Directory Proxy Server instance, a default self-signed certificate is automatically provided. If you want to create a self-signed certificate with non-default settings, use this procedure.

The procedure creates the public and private key pair for a server certificate, where the public key is signed by Directory Proxy Server. A self-signed certificate is valid for three months.

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

To create a non-default self-signed certificate for Directory Proxy Server, type:

$ dpadm add-selfsign-cert instance-path cert-alias

where cert-alias is the name of the self-signed certificate.

For example, you could create a certificate called my-self-signed-cert as follows:

$ dpadm add-selfsign-cert /local/dps my-self-signed-cert

For a description of all command options, see the dpadm(1M) man page or type dpadm add-selfsign-cert --help at the command line.