Exporting SSL certificate from the IBM Security Directory Server to a file

To secure communications between IBM Spectrum Control™ and IBM® Security Directory Server, you must export the SSL certificate to a file. The file that is created can then be added to the keystore for IBM Spectrum Control.

Important: This topic is an example of exporting the SSL certificate from the IBM Security Directory Server to a file.
If your LDAP server is the IBM Security Directory Server verify that the Web Administration tool is installed with your IBM Security Directory Server because it includes the correct IBM Key Management (iKeyman) utility.

For more information about exporting the SSL certificate from the LDAP server, see your LDAP administrator and the documentation for your specific LDAP server product.

  1. Open the IBM Key Management utility in your IBM WebSphere® Application Server directory structure.
  2. Select Key Database File > Open.
  3. Complete the following steps:
    1. In Key database type field, select CMS.
    2. In the File Name field, click Browse and go to the location of the key database (.kdb) file that is associated with your IBM Security Directory Server.
    3. Click Open.
    4. Click OK.
  4. On the Password Prompt page, enter the correct password for the key database file and click OK.
  5. In the Personal Certificates list, select the certificate that is the SSL certificate for the IBM Security Directory Server and click Extract Certificate.
  6. Select Base64-encoded ASCII data as the data type and provide a Certificate file name, Location, and click OK.
The SSL certificate is exported from IBM Security Directory Server to a file so it can be added to the web server keystore for IBM Spectrum® Control.