Setting up SSL for JES
I'm trying to install a couple of Directory Servers, using the 2005Q5 JES on Solaris 10 6/06 (although the final deployment will be on Windows).I'm a newsomer to the whole `Enterprise Software' thing but have lots of Solaris SA experience.
I'm using 4 machines (actually 4 zones on one machine for now, but I don't think this matters):admin-server has the console and admin server running on it,cf-server has rthe configuration directory server (and should probably be folded into the admin server machine, but I don't want to change it now), and two directory server instances.
I want them all to talk to each other with SSL. Using the console GUI, I can talk to the admin server instance, and install a root CA certificate and a server cert signed by it. After alot of mucking around I then found out where to stash the security module password so it will boot unattended (in .../admin-serv/config/password.conf, with a keryword of NSS Certificate DB).
But the same trick doesn't work at all for the directory servers: if I choose theManage Certificates task from the console, I get a stupid empty window. This includes for the config server instance.
I figure there is some issue of trust between the admin server and the various directory servers, but I can't work out what it is.
Has anyone made this work?
Thanks
--tim
