15.1 Process Flow

You can install and distribute certificates to the Access Manager components and configure how the components use certificates. This includes central storage, distribution, and expired certificate renewal. Figure 15-1 illustrates the primary administrative actions for certificate management in Access Manager:

Figure 15-1 Certificate Management

  1. Generate a certificate signing request (CSR). See Generating a Certificate Signing Request.

  2. Send the CSR to the external certificate authority (CA) for signing.

    A CA is a third-party or network authority that issues and manages security credentials and public keys for message encryption. The CA’s certificate is held in the configuration store of the computers that trust the CA.

  3. Import the signed certificate and CA chain into the configuration store. See Importing Public Key Certificates (Trusted Roots).

  4. Assign certificates to devices. See Assigning Certificates to Access Manager Devices.

If you are unfamiliar with public key cryptography concepts, see “Public Key Cryptography Basics” in the Novell Certificate Server 3.3.8 Guide.