21.1 Enabling Mutual SSL Communication and Certificate Revocation List

To enable the mutual SSL communication and CRL in the Sentinel server:

Go to the <sentinel_installation_path>/opt/novell/sentinel/bin directory.
Run the following command as novell user:
```
 ./createDefaultMutualCert.sh 
```
(Conditional) If the certificate is created through the script before converting the server into FIPS mode, then complete the following steps:
1. Go to <sentinel_installation_path>/opt/novell/sentinel/bin/.
2. Run the following command:
```
./convert_to_fips -i <sentinel_installation_path>
/etc/opt/novell/sentinel/config/
.defaultRestClient.p12
```
3. Restart Sentinel:
```
rcsentinel restart
```
Go to <sentinel_installation_path>/opt/novell/sentinel/setup directory in Collector Manager and Correlation Engine.
Run the following command and follow on-screen instructions to make Collector Manager and Correlation Engine compatible with the Sentinel server:
```
./configure.sh
```

NOTE:If the Collector Manager and Correlation Engine are in CRL mode and not able to connect to the server, then upgrade the cURL version on the machine to 7.60 or above.