1. Security Administration Guide
  2. LDAP Authentication Over SSL/TLS for Windows and UNIX

LDAP Authentication Over SSL/TLS for Windows and UNIX

The EnterpriseOne server uses Netscape's certificate database, cert7.db or cert9.db. You use the "certutil" utility, found in \system \bin32 or \system\bin64 to create the cert9 certificate database. The "certutil" utility will only create the cert9.db, but runtime is backward compatible with cert7.db.

Note: As of Tools Release 9.2.5.3, Mozilla Network Security Services (NSS) does not support the AIX platform. Because of this limitation, you will not be able to use the certutil tool present in this path: \system \bin32 or \system\bin64. The EnterpriseOne server uses Netscape's certificate database, cert7.db or cert9.db. You can obtain the cert7.db or cert9.db certificates using the PKCS utilities distributed by Netscape.

For Windows and UNIX, establishing the secure connection between the EnterpriseOne application server and the LDAP server requires these items:

  • Cert7.db / cert9.db certificate database from Netscape.

  • A server certificate for the LDAP server.

  • The trusted root certificate from the certificate authority (CA) that issues the server certificate.