Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Highlighted
Anonymous_User Absent Member.
Absent Member.
365 views

Setting SSL Between eDirectory and iManager


Hello,

I am new into iManager and I would like that some one give me all the
useful links to enable SSL between iManager and eDirectory (Novell IDM)
( iManager on Tomcat and iManager ans a fat cleint)

Regards


--
iammi
------------------------------------------------------------------------
iammi's Profile: http://forums.novell.com/member.php?userid=71308
View this thread: http://forums.novell.com/showthread.php?t=454533

Labels (1)
0 Likes
3 Replies
Anonymous_User Absent Member.
Absent Member.

Re: Setting SSL Between eDirectory and iManager

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

For things which require SSL (Universal Password stuff, for example) SSL
is automatically used. For the rest, NCP is used which is not SSLized
in the same way that things like HTTP and LDAP are. The data within the
packets, though, are encrypted when those attributes should be encrypted
as defined in schema or by 'Encrypted Attributes' functionality in
eDirectory 8.8+. For example, NMAS stuff is encrypted using NICI
functionality, even though the outside packets are not wrapped in an
SSLized layer.

Good luck.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPhboeAAoJEF+XTK08PnB5hD8P/1D18Twwawc03BjmizUNt8eW
NPPF7TgKJjHpzoXP76FuWDMOb5kz47cUyM17FfMrXxHrlkm2W7ojjLFOZZVv841l
B4FbK6rqhkzznSZBRJ8A8cOUZmOJrzAyJaOLoeUMjcj699g4G8cYfCz2rnDfme48
46lRgIC1ncNzWGV5szlvnv4y2rFbuPdgy7LO9tU+6NiC+esiFPsczPzViGh/QZjo
fVFlFumxJhlWe/EoA9MgllaNCdggpdtV3QWmqqURJJUEUfMiRNnXsnEhEri7FKEt
ivakN/DUPKggAT6bPrGS0HNZKhAgbnRKqWnTMrPFmsBfhw648mjj+BjenMHMBdQA
52DyHnSICB8ZkXkM6VS+ZCUxMOMM/ZLSlKBGGi12pBz2uMhV7K7swDtPIOo+c/NQ
Yif8hRR/bPh6+JFBfVplWevjWKhGjTEAgZ3qbuDe6FNiWALhAWS+0u6IPsE3D2ft
5nOSzTS2jVyPkTGh13HeFV+aufJBuYo9nod0c+lIWYIi6T4E4WZbUcGSlh4WJO6p
vmyYlMER5CFZA0FrNPn6l8RNRBNnoSVc2iXDLewUbb8DBp9veB55/1pkSSUCkHqu
ZtXGUxMGoXyr2sTDj4uL3lRJpFXL3/Qfnsz1HooE8QWbarhIPESK0iuSEGn4eRVN
aBVi1Budx5tzMH2+lSGH
=/GiP
-----END PGP SIGNATURE-----
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Setting SSL Between eDirectory and iManager


"For things which require SSL (Universal Password stuff, for example)
SSL
is automatically used"

But what if iManager is installed on a box other than the one running
eDirectory, we all know that iManager JVM may require to trust eDir X509
Certificate

What do you think ?

Regards


--
iammi
------------------------------------------------------------------------
iammi's Profile: http://forums.novell.com/member.php?userid=71308
View this thread: http://forums.novell.com/showthread.php?t=454533

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Setting SSL Between eDirectory and iManager

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

That's often the case, and in the case of iManager Workstation that's
always the case. I've never seen that be a problem in the past. I
assume, without doing any checking, that this is because iManager knows
how to access the server directly via NCP so going directly to the
server is possible making the certificate more trustworthy.

Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPhd3AAAoJEF+XTK08PnB5gOgQAI0ZnFL0h2fcE7EkVxOb4Sc5
k0ipqSPBLEXt6GQ96HI2m1lBbiWsj5HrG84t0k7FPKu+tScrcho4Zf4d7JbHQRKv
iHEOR6GgN2khS4rcDTdh54ck4zpupXqWOVEw3n/3oEFbB14oC/hguJK5gyzZe9Ri
1laYhgHerpYKfAnK+5IxOFI1HwMR6FhJg0ELkyKCyL4RYaV6fcHWvLSwIg25BOLD
n6JEfc2DGkjgiry4ix7Nr43Uzsip34H/d313/8Jk2YEB+AG4pKlh5hKmU+4Ma6Tx
50Dq9FPDmw64wRDqoMO/CWo3r1bEMhR+woGqE2up5Jjkrs8VXvjD9OhJxkZQdb6H
CYJG76Tai+rgL8NL7OoyFaTPSvTWwvQXex3KI+Mq91ybvUyGzjdaKOiYZ+j7OU9D
ou8LSwCG0r7hf24AW57SJaifiSahnHdMRBPFOL1kBH9YRRDuNkote/iMPTyjlzPD
NAYD8oPmiQSh7zw7VQt6JTq0TbfMYUlcPTwBMAXLAOAKbgw5CRuXj8Xlvj0DkJ7E
op8nJ8JeV6iIdB/qYyP+mFi/1tkh1FfZNlSd+datjLjhgq91pY7P24yqXIWoXc3F
1tj25bH5LtQlXeUfqi7V7zm+kShMT9i9H2piG6CE4CuaYBXur8kGBU6a69yMpgSd
c8iRFrdQNOAqVtRxbyWW
=Zuzx
-----END PGP SIGNATURE-----
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.