You cannot use self-signed certificates for SSL service between the i-Planet server and the i-Planet gateway. You must use an SSL certificate from a certificate vendor.
You must generate a self-signed certificate in order to obtain an SSL certificate from certificate vendor who provides authority (CA) services.
As root, run the certadmin script on the i-Planet server:
# /opt/SUNWsnrp/bin/certadmin |
The Certificate Administration menu is displayed:
1) Generate Self-Signed Certificate 2) Generate Certificate Signing Request (CSR) 3) Add Root CA Certificate 4) Install Certificate from Certificate Authority (CA) 5) Quit choice: [5] |
Enter 1 on the Certificate Administration menu to generate a self-signed certificate.
The Certificate Administration script prompts you to enter specific information about your organization and a passphrase for the self-signed certificate:
What is the fully qualified DNS name of this host? [hostname.domainname] What is the name of your organization? [] What is the name of your organizational unit? [] What is the name of your City or Locality? [] What is the name of your State or Province? [] What is the two-letter country code for this unit? [] ... Enter passphrase [] |
Enter the information for your organization and a passphrase for the self-signed certificate.
A self-signed certificate is generated and added the file /etc/opt/SUNWstnr/rp.keystore on the i-Planet server. Your prompt returns.
Make a backup copy of the rp.keystore file on the i-Planet server.