Environment
DirXML 1.1 Remote Loader
DirXML 1.1a Remote Loader
Situation
Resolution
Before you begin, be sure to stop the remote loader service and stop the AD-Driver.
The following steps are to be done within ConsoleOne.
A.Create a new Key Material Server Certificate.
1. Select the container in the eDirectory tree where you want to
create the certificate.
5. Click Next and you will see a summary screen outlining what have
you have specified. If all is correct click Finish to create the
object.
B.Export the trusted root certificate as a Base64
file.
1. You can export this from either the Organizational CA or the NDSPKI:Key Material object created in Step A.
Organizational CA
a. Right click on the Organizational CA under the
Security container.
export the NDSPKI:Key Material object
a. Right click on the NDSPKI:Key Material object
created in Step A
2. Click Export
C. Configure the ADDriver to use the NDSPKI:Key Material object created in Step A.
1. Right click on the ADDriver object and select Properties
...
2. Select the DirXML | Driver Configuration | Authentication
tab.
hostname=xxx.xxx.xxx.xxx port=xxxx kmo=
Where the 'KMO Object name' is the name of the NDSPKI:Key
Material object created in Step A.
NOTE:If you use spaces in the name of the certificate you will need to put the certificate name in quotes (e.g. kmo="SSL MY DIRXML SERVER"). If there are no space in the name you DO NOT need the quotations.
NOTE: Only have one space after the IP address or DNS name and only one space after the port number. These should be the only two spaces in the entire field, excluding any that have quotation marks as mentioned above.
4. Click OK to close the Properties window.
D.Configure Remote Loader to use SSL.
1. Double-click on the 'Dirxml RemoteLoader Configuration
Wizard' icon on the desktop of the Windows server that is running
Remote Loader.
4. Click Next.
E.Restart the remote loader service, and then restart the AD-DRIVER.
Before starting the driver make sure that the Remote Loader trace says, "Waiting for DirXML to connect on 'TCP server socket, port XXXX, address localhost, using SSL'..."
.Additional Information
Formerly known as TID# 10083691