First, welcome to the products.

Second, there is an Identity Manager (IDM) forum, with an engine and
drivers subforum, as well as a Designer subforum. I'd probably go for the
first of those, and post this there where the IDM experts are.

Third, I'd use Designer rather than iManager. It may also be worthwhile
to make sure the drivers work without any TLS/SSL, just to be sure the
communications channels are open network-wise.

Fourth, eDirectory 8.8 SP8 is end of life, and IDM 4.5 is too. While
normally I do not care about this type of thing, one of the big changes
from eDir 8.8 to 9.x was the change of TLS/SSL that has happened
industry-wide, obsoleting old things like SSLv3 and requiring things like
TLS 1.2. While both versions may have some overlap with TLS 1.0, and
while this may not really matter for the simple certificate exchange, this
might be something to consider sooner than later (upgrading the older
environment). iManager 3.x is made for eDirectory 9.x, and while I've had
no issues managing eDir 8.8 with it, I have not tried this particular
operation with it either, as I basically always use Designer these days.
With that in mind, IDM 4.7 is supposed to use Designer 4.7, which is
LDAP-based entirely, and IDM 4.5 used earlier versions which were entirely
NCP-based, so be sure to use the older versions (Designer 4.6 with SPs),
the non-LDAP version, to work with both at the same time until you get the
older environment upgraded to at least 4.6.

Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.

If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.