Access Manager includes a certificate management service, which allows you to manage the certificates used for digital signatures and data encryption. You can create locally signed certificates or import externally signed certificates, then assign these certificates to the trust stores and keystores of the following components:
Identity Server: Certificates allow you to provide secure authentication to Identity Server and enable encrypted content from Identity Server portal through HTTPS. They also provide secure communications between trusted Identity Servers and user stores.
Access Gateway: Uses server certificates and trusted roots to protect web servers, provide single sign-on, and enable the product's data confidentiality features, such as encryption.
You can install and distribute certificates to Access Manager components and configure how the components use certificates. This includes central storage, distribution, and expired certificate renewal.
NOTE:For detailed information about how to secure Access Manager, see NetIQ Access Manager 5.0 Security Guide.