20.1.1 Identifying the SSL Communication Channels

Access Manager has five communication channels that you can configure for SSL. Figure 20-1 illustrates these channels.

Figure 20-1 Potential SSL Communication Channels

The first channel is set between Identity Server and LDAP servers when you configure user stores (see step 4 in Section 2.3, Configuring Identity Servers Clusters). The other channels need to be configured according to their numeric values. You need to configure SSL between Identity Server and browsers before you configure the channel between Access Gateway and Identity Server for SSL.

eDirectory that resides on Administration Console is the main certificate store for all Access Manager components. You can use this local certificate authority (CA) to create certificates for SSL or you can purchase certificates from a well-known certificate authority. This section describes how to use both types of certificates to enable secure communication.

Section 20.1.2, Using Access Manager Certificates
Section 20.1.3, Using Externally Signed Certificates