Adding a Certificate
If you want to use Secure Sockets Layer (SSL) authentication to communicate securely with a directory server, you must add the trusted public certificate of the directory server, or the public certificate of the directory server's certificate authority, to the cacerts keystore file.
If you want to strengthen the security and validate the client as well, you must add the client's trusted public certificate (or the public certificate of the client's certificate authority), and the corresponding private key, to the clientcerts keystore file. See Adding a Private Key for more information on adding a private key.
When you add a certificate, the keystore files are updated and encrypted.
To add a certificate:
1. Do one of the following:
If you are setting up server authenticated SSL, from the Security Menu, choose Trusted Servers and CAs.
If you are setting up client authenticated SSL, from the Security Menu, choose Client Certificates.
2. Click the Add Certificate button.
3. From the Open dialog, choose the trusted public certificate that you want to add to the keystore, and then click the Open button.
4. Confirm that this is the certificate that you want to add, and then click OK.
5. Enter a name for the certificate, and then click OK.
6. Enter the keystore password, and then click OK.
7. Click OK to close the dialog.