How to add LDAP server’s CA Certificate to the Manager Keystore (when using SSL over LDAP on a McAfee Linux Operating System MLOS NSM)

Artigos técnicos ID: KB93478
Última modificação: 6/8/2021

McAfee Linux Operating System (MLOS) NSM

Using WINSCP, place the CA certificate file into the Network Security Managers /home/admin directory.
Use the keytool executable in the MLOS restricted (admin) shell and import the LDAP server CA cert to the NSM keystore:
1. Type the following command and press Enter:
  run keytool -import -trustcacerts -alias "LDAP Certificate" -file /home/admin/CACert_FileName -keystore /opt/NetworkSecurityManager/App/config/CustomSecurity/CustomJSSEcaCerts
2. At the Password prompt, type changeit and press Enter.
3. At the Trust this certificate prompt, type yes.
4. Restart the NSM services:
  1. Type manager stop and press Enter.
  2. Type manager start and press Enter.
To see if the certificate is added to the Keystore:
1. Type the following command and press Enter:
  
  run keytool -list -keystore /opt/NetworkSecurityManager/App/config/CustomSecurity/CustomJSSEcaCerts
2. At the Password prompt, type changeit and press Enter.
3. View the output.

Network Security Manager 9.2.x
Network Security Manager 9.1.x
Network Security Manager 10.x

Este artigo está disponível nos seguintes idiomas:

Realçar termos do glossário

Reserve alguns momentos para navegar por nosso Glossário de termos técnicos.

Knowledge Center