Environment
freeRADIUS
Radius iManager Plug-in
Radius iManager Plug-in
Situation
The Radius plug-in for iManager requires a secure LDAP connection.
You will be able to install the Radius plug-in on iManager Workstation 2.7, however when you attempt to use any tasks that require a Secure connection, such as "Extend Schema" you will get the following error:
Creaing secure SSL LDAP context failed:
Connect Error
You will be able to install the Radius plug-in on iManager Workstation 2.7, however when you attempt to use any tasks that require a Secure connection, such as "Extend Schema" you will get the following error:
Creaing secure SSL LDAP context failed:
Connect Error
Resolution
Import the a SSL certificate into the iManager Workstation 2.7 using keytool.
Prior to running keytool, export a certificate from the tree via iManager. Login to iManager | Novell Certificate Server | Configure Certificate Authority | Select the Certificates tab | Select the Self Signed Certificate tab | Export | Uncheck the "Export private key" option | Verify the Export format is "Der" | Next | Click "Save the exported certificate" link and save to the desired location.
Next, run the keytool command:
keytool -import -alias Alias_Name -file c:\path_to_exported_cert.der -keystore C:\path_to_cacerts file
When prompted for password, type "changeit" and then answer "yes" to "Trust this certificate?"
If iManager Workstation 2.7 is loaded, log out and close the browser to "restart" the imbedded tomcat.
Example:
In this example, iManager 2.7 Workstation was extracted to C:\iMan27
C:\iMan27\imanager\bin\windows\java\bin>keytool -import -alias UTAH -file c:\cert.der -keystore C:\iMan27\imanager\bin\windows\java\jre\lib\security\cacerts
Enter keystore password: changeit
Owner: O=UTAH, OU=Organizational CA
Issuer: O=UTAH, OU=Organizational CA
Serial number: 21c12034e140cfc54c44e51afd2989e2d1c50beeafd32e3db8dbf0c569402010acb18
Valid from: Wed Jan 21 14:18:46 MST 2009 until: Mon Jan 21 14:18:46 MST 2019
Certificate fingerprints:
MD5: E4:3E:98:B4:10:34:B5:C5:85:36:97:EE:82:73:43:8A
SHA1: 8E:48:45:EC:43:7A:D3:B0:31:F4:64:EA:48:16:C0:5B:1D:AF:9D:00
Trust this certificate? [no]: yes
Certificate was added to keystore
Prior to running keytool, export a certificate from the tree via iManager. Login to iManager | Novell Certificate Server | Configure Certificate Authority | Select the Certificates tab | Select the Self Signed Certificate tab | Export | Uncheck the "Export private key" option | Verify the Export format is "Der" | Next | Click "Save the exported certificate" link and save to the desired location.
Next, run the keytool command:
keytool -import -alias Alias_Name -file c:\path_to_exported_cert.der -keystore C:\path_to_cacerts file
When prompted for password, type "changeit" and then answer "yes" to "Trust this certificate?"
If iManager Workstation 2.7 is loaded, log out and close the browser to "restart" the imbedded tomcat.
Example:
In this example, iManager 2.7 Workstation was extracted to C:\iMan27
C:\iMan27\imanager\bin\windows\java\bin>keytool -import -alias UTAH -file c:\cert.der -keystore C:\iMan27\imanager\bin\windows\java\jre\lib\security\cacerts
Enter keystore password: changeit
Owner: O=UTAH, OU=Organizational CA
Issuer: O=UTAH, OU=Organizational CA
Serial number: 21c12034e140cfc54c44e51afd2989e2d1c50beeafd32e3db8dbf0c569402010acb18
Valid from: Wed Jan 21 14:18:46 MST 2009 until: Mon Jan 21 14:18:46 MST 2019
Certificate fingerprints:
MD5: E4:3E:98:B4:10:34:B5:C5:85:36:97:EE:82:73:43:8A
SHA1: 8E:48:45:EC:43:7A:D3:B0:31:F4:64:EA:48:16:C0:5B:1D:AF:9D:00
Trust this certificate? [no]: yes
Certificate was added to keystore