Custom Certificates

Custom Certificates
A Directory Server can have TLS encryption enabled, without Use Custom Certificates being enabled. This means it will attempt to use the demonstration certificates which can be installed with the product. Micro Focus strongly recommends that you use custom certificates for all deployments especially production systems.

Configuration options

Custom Certificates

To secure a network endpoint you will require the following, as a minimum:

  • A TLS certificate.
  • A TLS key with a passphrase.

To ensure a Directory Server network endpoint is TLS secured with custom certificates, use ESCWA to perform the following steps:

  1. In the top menu bar, click Native.
  2. In the Native Navigation pane, expand Directory Server.
  3. Click the directory server you require, then click Properties > Connection.

    This takes you to the Connection Properties page.

  4. Check Enable TLS.
  5. Check Use Custom Certificates
  6. In the Certificate File field, type the location of the TLS certificate on the machine where this process runs.
  7. In the Keyfile field, type the location of the TLS key on the machine where this process runs.
  8. In the Keyfile Password field, type the TLS key passphrase.
  9. Click Apply.
  10. Restart the Directory Server process.

See Securing Communications between ESCWA and MF Directory Server using TLS and Securing Communications Process to MF Directory Server using TLS for more information.

Parent topic: Configuration Report