SSL client certificate management

The SSL client requires that a valid certificate and corresponding private encryption key be installed before SSL is enabled.

Two methods are available for generating the private key and required certificate: using a self-signed certificate and using a certificate that is signed by a certificate authority.

Note: SSL client certificate management is optional. You can still enable the SSL client for LDAP without generating a self-signed certificate or importing a signed certificate to the client.

The procedure for generating the private encryption key and certificate for the SSL client is the same as the procedure for the SSL server, except that you use the SSL Client Certificate Management section of the Security web page instead of the SSL Server Certificate Management section. To use a self-signed certificate for the SSL client, see Generating a self-signed certificate. To use a certificate-authority-signed certificate for the SSL client, see Generating a certificate signing request.