I've got IDM on OES2 SP3 64-bit.

I've got the LDAP driver talking to a "remote" OID instance (but NO
Works fine with cleartext.

We are syncing one-way (I suppose technically the OID is "subscriber
only") from eDir to OID.

I'm reading the docs on configuring SSL (the OID instance is now set to
SSL only).

But I'm having some trouble either interpreting the docs, or doing
something wrong.

The way I interpreted the docs is that I need the public key of the
Trusted Root CA on the OID server that issued its SSL cert.
I have that.

I'm supposed to then (on the Linux box):

> You need to import the trusted root certificate into a certificate store
> (also called a keystore) that the driver can use.
> Use the KeyTool class found in rt.jar.
> For example, if your public key certificate is saved as
> PublicKeyCert.b64 on your local disk and you want to import it into a
> new certificate store file named .keystore in the current directory,
> enter the following at the command line:
> java sun.security.tools.KeyTool -import -alias TrustedRoot -file A:\PublicKeyCert.b64 -keystore .keystore -storepass keystorepass

But when I try that, I get a message stating that:
the java class is not found: sun.security.tools.KeyTool

If I remember correctly, no SLES distribution (and hence OES) includes
the Sun Java stuff, only the IBM stuff.

If that's the case, then why do the docs tell me to run the sun java

Or am I doing something wrong?

kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=48732
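
The import step quoted above, as an added example that is not part of the original post or the quoted documentation: it calls the `keytool` launcher instead of a vendor-specific class name, checks the input before importing, and lists the entry afterwards. It assumes the installed JRE has a `keytool` executable in its `bin` directory and that the `.b64` file is a Base64 certificate with BEGIN/END CERTIFICATE markers; the function names are hypothetical, and the file name, alias and password are the ones from the quoted documentation.

```shell
#!/bin/sh
# Added example: import a trusted root into a keystore without naming a JVM vendor class.

# Print the path of the keytool launcher (JAVA_HOME first, then PATH).
find_keytool() {
    if [ -n "${JAVA_HOME:-}" ] && [ -x "$JAVA_HOME/bin/keytool" ]; then
        printf '%s\n' "$JAVA_HOME/bin/keytool"
    else
        command -v keytool
    fi
}

# Succeed only if the file holds exactly one Base64 (PEM) certificate.
is_single_pem_cert() {
    [ -r "$1" ] || return 1
    begins=$(grep -c '^-----BEGIN CERTIFICATE-----' "$1" || true)
    ends=$(grep -c '^-----END CERTIFICATE-----' "$1" || true)
    [ "$begins" -eq 1 ] && [ "$ends" -eq 1 ]
}

# import_trusted_root CERT KEYSTORE STOREPASS [ALIAS]
import_trusted_root() {
    cert=$1; store=$2; pass=$3; name=${4:-TrustedRoot}
    is_single_pem_cert "$cert" || { echo "not a single PEM certificate: $cert" >&2; return 2; }
    kt=$(find_keytool) || { echo "keytool not found; set JAVA_HOME" >&2; return 3; }
    # Print subject, issuer and fingerprints so they can be compared with
    # the values the CA administrator gives you before the cert is trusted.
    "$kt" -printcert -file "$cert" || return 4
    # -noprompt skips the interactive "Trust this certificate?" question,
    # which is why the fingerprint is shown first.
    # Note: -storepass on the command line is visible in the process list.
    "$kt" -import -noprompt -trustcacerts -alias "$name" \
        -file "$cert" -keystore "$store" -storepass "$pass" || return 5
    # Confirm the entry landed in the keystore under the expected alias.
    "$kt" -list -alias "$name" -keystore "$store" -storepass "$pass"
}

# Usage: sh import_root.sh PublicKeyCert.b64 .keystore keystorepass
if [ "$#" -ge 3 ]; then
    import_trusted_root "$@"
fi
```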