Testing SSL communication between servers

Test the SSL communication between ISIM Server and IBM Security Directory Server.

  1. Test that the Security Directory Server is listening. In the $TDS_INSTALL_HOME/bin directory on the computer where Security Directory Server is installed, enter the following command:

      ldapsearch -b dc=com -K /certs/LDAPSERVER_TEST1234.kdb -p 636 -s base "objectclass=*"

    LDAPSERVER_TEST1234.kdb is the name of the key database. The result has entries for the top-level schema similar to the following entries.

      dc=com
      objectclass=top
      objectclass=domain
      dc=com

  2. Log on to the IBM Security Identity Manager virtual appliance console.

  3. From the top-level menu of the Appliance Dashboard, click Configure > Manage External Entities > Directory Server Configuration.

  4. Click Configure.

  5. In the Directory Server configuration details window set. For more information, see Manage the directory server configuration.

  6. Select the SSL check box to manage the secure connection.

  7. Click Save Configuration.

  8. To confirm that secure communication is configured, log in with your user ID and password to ISIM Server.

    A successful login indicates that SSL communication is configured between ISIM Server and the directory server.

  9. If your login does not succeed, an error message on the login screen indicates that the directory server is not available. After you analyze the LDAP configuration log and ISIM Server log, try the configuration steps again.

    Additionally, determine whether:

    • Statements were correctly added to the ldapConfig.lax file.
    • Required spaces were entered in the ldapConfig.lax file.
    • The path to the truststore file is valid.
    • The truststore file is corrupted.
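
The last two checks in the list above can be scripted. The following is an added example, not part of the product documentation: check_truststore is a hypothetical helper, and it assumes the truststore is a JKS, JCEKS, or PKCS#12 file, which this page does not state. It inspects only the file header, so a pass means the file is plausible, not that every entry in it is intact.

```shell
#!/bin/sh
# check_truststore PATH  (hypothetical helper, added example)
# Prints a one-word verdict; returns 0 only when the file exists, is
# readable, is non-empty, and starts with a known keystore header.
# Assumption: the truststore is JKS, JCEKS, or PKCS#12 (DER-encoded).
check_truststore() {
    ts="$1"
    [ -e "$ts" ] || { echo "missing"; return 1; }      # path is not valid
    [ -f "$ts" ] || { echo "not-a-file"; return 1; }   # directory, device, ...
    [ -r "$ts" ] || { echo "unreadable"; return 1; }   # permissions problem
    [ -s "$ts" ] || { echo "empty"; return 1; }        # zero-length file

    # First four bytes as lowercase hex without separators, e.g. "feedfeed".
    magic=$(od -An -tx1 -N4 "$ts" | tr -d ' \n')

    case "$magic" in
        feedfeed) echo "ok-jks";   return 0 ;;  # JKS magic number
        cececece) echo "ok-jceks"; return 0 ;;  # JCEKS magic number
        30*)      echo "ok-der";   return 0 ;;  # ASN.1 SEQUENCE (PKCS#12)
        *)        echo "bad-header"; return 1 ;; # truncated or wrong file
    esac
}

# Run the check when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    check_truststore "$1"
fi
```

A bad-header verdict on a file that should be a keystore usually means a truncated copy or a transfer in text mode; copy the file again in binary mode before retrying the configuration steps.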
