2.2 Installing SecureLogin in the LDAP Mode Without Root CA Certificate

WARNING:Installing SecureLogin without a root CA certificate makes SecureLogin and the LDAP server open to security threats. It is not recommended to install SecureLogin without the root CA certificate.

Perform one of the following actions to install SecureLogin in the LDAP mode without the root CA certificate:

Installing SecureLogin in the LDAP Mode Without the Root CA Certificate Using Command Line
Installing SecureLogin in the LDAP Mode Without the Root CA Certificate Using Response.ini (Silent Installation)

2.2.1 Installing SecureLogin in the LDAP Mode Without the Root CA Certificate Using Command Line

Log in as an administrator.
Launch the command prompt.
Navigate to the location where the SecureLogin installer package is saved.
Run the NetIQSecureLogin.exe installer file with the INSTALLWITHOUTCACERT=Yes parameter. For example:
```
NetIQSecureLogin.exe INSTALLWITHOUTCACERT=Yes
```
NOTE:You can use the INSTALLWITHOUTCACERT=Yes parameter and continue the remaining installation with the GUI installer. For example, NetIQSecureLogin.exe /install INSTALLWITHOUTCACERT=Yes.
Perform the following steps to modify the registries. The registry modification is necessary to prevent SecureLogin to check for the root CA certificate.
1. Click Start > Run to open the Run dialog box.
2. Specify regedit and click OK to open Registry Editor.
3. Navigate to the HKEY_LOCAL_MACHINE > SOFTWARE > Novell > Login > LDAP key.
4. Right click and click New > DWORD.
5. Rename the DWORD to CACertNotProvided.
6. Edit the CACertNotProvided value to 1.

For more information, see Installing through the Command Line in the SecureLogin CE 24.3 (v9.2) Installation Guide.

2.2.2 Installing SecureLogin in the LDAP Mode Without the Root CA Certificate Using Response.ini (Silent Installation)

IMPORTANT:Upgrading SecureLogin using the response.ini file is not supported.

Perform the following steps to install the SecureLogin in the LDAP mode without the root CA certificate using the response.ini file:

Log in as an administrator.
Specify INSTALLWITHOUTCACERT=YES in the response.ini file.
Launch the command prompt.
Navigate to the location where the SecureLogin installer package is saved.
To install SecureLogin on all the target machines with the response.ini file, run the following command.
```
NetIQSecureLogin.exe /install X_PRIMARYSTORE=LDAP PATHTOISS="c:\temp\response.ini" /quiet
```
Perform the following steps to modify the registries. The registry modification is necessary to prevent SecureLogin to check for the root CA certificate.
1. Click Start > Run to open the Run dialog box.
2. Specify regedit and click OK to open Registry Editor.
3. Navigate to the HKEY_LOCAL_MACHINE > SOFTWARE > Novell > Login > LDAP key.
4. Right click and click New > DWORD.
5. Rename the DWORD to CACertNotProvided.
6. Edit the CACertNotProvided value to 1.

For more information, see Installing SecureLogin in the LDAP Mode Without the Root CA Certificate Using Responsefile.ini (Silent Installation) in the SecureLogin CE 24.3 (v9.2) Installation Guide.