Environment
NetIQ Identity Manager 4.0.x
Situation
In order to allow Java to securely make SSL connections to servers, it is best to have Java trust the Certificate Authority (CA) of that certificate, or to trust that certificate explicitly. Normally this is done by adding a certificate to a truststore which exists in the form of a cacerts file.
Resolution
The IDM engine's cacerts file is located at the following location for a root-based installation of eDirectory:
Linux:
x86_64:
/opt/novell/eDirectory/lib64/nds-modules/jre/lib/security/cacerts
x86_32:
/opt/novell/eDirectory/lib/nds-modules/jre/lib/security/cacerts
Solaris:
x86_64:
/opt/novell/eDirectory/lib64/nds-modules/jre/lib/security/cacerts
x86_32:
/opt/novell/eDirectory/lib/nds-modules/jre/lib/security/cacerts
Windows:
C:\Novell\NDS\jre\lib\security\cacerts
NetWare: Normally this concept of cacerts was not used in NetWare. The directory that would have been used though would be:
sys:java\lib\security\cacerts
Before modifying this file, create a backup. The keytool command, also part of the Java Runtime Environment (JRE) installed at this location, is the tool for modification of truststores or keystores in this environment.
Linux:
x86_64:
/opt/novell/eDirectory/lib64/nds-modules/jre/lib/security/cacerts
x86_32:
/opt/novell/eDirectory/lib/nds-modules/jre/lib/security/cacerts
Solaris:
x86_64:
/opt/novell/eDirectory/lib64/nds-modules/jre/lib/security/cacerts
x86_32:
/opt/novell/eDirectory/lib/nds-modules/jre/lib/security/cacerts
Windows:
C:\Novell\NDS\jre\lib\security\cacerts
NetWare: Normally this concept of cacerts was not used in NetWare. The directory that would have been used though would be:
sys:java\lib\security\cacerts
Before modifying this file, create a backup. The keytool command, also part of the Java Runtime Environment (JRE) installed at this location, is the tool for modification of truststores or keystores in this environment.