Novell’s iChain platform addresses the demands of B2B systems in a way that greatly simplifies their deployment and usability, especially in a multivendor environment. Novell iChain 1.5 is an integrated solution designed to securely link all the disparate elements of your network into one secure infrastructure. The iChain solution leverages Novell’s Internet Caching System (ICS) to secure access to company information and databases. On the back end, iChain leverages NDS eDirectory to serve as a single repository of users’ authentication information and access control privileges.
As a foundation for eBusiness solutions, iChain provides these core services:
- Installation services
- Proxy services
- Authentication services
- Authorization services
- Web Single Sign-On services
- Management services
- Community services
The iChain ICS component provides the installation, proxy, authentication, and authorization services. Web Single Sign-On services are provided through iChain ICS and the Authorization Server. The iChain Authorization Server also handles management services. Community services will be available through Novell Consulting.
Installing your Certificate in Novell IChain 2.2 or 2.3
- Extract the ZIP file containing the DigiCert signed certificate. You should have four certificate files:Server Certificate, e.g., www_domain_com.crt
DigiCertCA.crt
DigiCertCA2.crt
TrustedRoot.crt - Download the DigiCert root certificate.
- In the iChain Admin GUI, click on Home -> Certificate Maintenance, and select the Certificate Name. The status of the certificate should be “CSR in process.”
- Click on Store Certificate, then open the following certificate files with a text editor, and paste them in the appropriate fields:CA Certificate Contents = DigiCertHighAssuranceEVRootCA.crt (downloaded in Step 2)
Intermediate Certificate Contents = DigiCertCA.crt (make sure the “Include intermeidate certificate” checkbox is checked)Server Certificate Contents = Server Certificate, ex. www_domain_com.crtNote: You will NOT paste the contents of DigiCertCA2.crt at this time. Hold on to it for later. - Click on “Create” then “Apply.” The certificate status should change to “Active.”
- The certificate is now installed ready to be assigned to the accelerators.Certificate Chain installation:Note that these steps are only required if you received a DigiCertCA2.crt file.
- Open ConsoleOne and log into the Tree where the iChain Service Object is located.
- Locate and right-click on iChain’s trusted root store, and click on “New” then “Object.”
- Choose “NDSPKI: Trusted Root Object” and click “OK.”
- Type in an NDS Object Name, such as DigiCertBridge,” and Paste in the contents of DigiCertCA2.crt (or Read from File), and click “Finish.”
- Open the iChain GUI, go to Configure -> Access Control, and click on “Refresh ACLCHECK.”
Wait about a minute, and then you can check if the chain is correctly installed using the DigiCert SSL Checker Tool. Your DigiCert certificate files should now be installed and properly configured.
Installing your certificate in older versions of Novell Ichain
- Download the Primary, Intermediate, and Root certificate files from your DigiCert account.
- You’ll need to create a single SSL Certificate from the intermediate and root certificates. To do so, open a text editor (like NotePad), and paste in the contents of your intermediate certificate. Then paste in the contents of the root certificate. (In both cases, you must include the BEGIN and END tags.) Save this new certificate as DigiCertbundle.pem
- Now, go to ConsoleOne and open the ICS container for your iChain server, and open the certificate.
- Under the Certificates tab, click on Import. Then choose Read from File, and find the new DigiCertbundle.pem certificate you created.
Hit Next. Choose Read from File, and browse to your DigiCert SSL certificate (your_domain_name.crt), then click Finish.
If you get an error stating that the certificate’s subject does not match the object’s subject, do the following:
- Accept the certificate.
- On the iChain server, click on Apply. This will install the certificate but give you an error 1240. Now open the accelerator for the website you’re securing. In the Certificate drop-down menu (in the Secure Exchange area), the certificate should be available. Select it, click OK and Apply.
- Refresh the Management display if it does not do so automatically. The site is now secured.
We hope this article helped you with this easy process. If you cannot use these instructions, we recommend you contact either the vendor of your software or the hosting organization that supports it.