Security Software

Hi,

I want to use SSL when accessing LDAP from my Weblogic AppServer and therefore have to provide a server certificate in my iPlanet DS 5.1.

So in my DS, I chose 'Manage Certifcates / Server Certs / Request' and created a Cert Request.
Now I want to create my own certificate with the 'certutil' tool. (Don't know if there is an easier way).

I followed the example in http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html and created my own certifcate by:
1. creating a new certificate DB
2. creating a new binary, self-signed CA certificate
3. converting my above certificate request to binary
4. creating a new binary certificate named mycert.crt from the cert request, issued by the CA certificate above

I got a certificate 'mycert.crt' then, which seems to be recognized as a certificate by the OS (Win2000). Now I tried to install mycert.crt using 'Manage Certifcates / Server Certs / Install / In this local file' from my DS.

But then an error occurs saying that 'the file is either invalid or does not contain a encoded certificate'. I tried to convert the crt file in ASCII format with the BtoA tool, but that also doesn't work.

I think at least one problem is the wrong format, i.e. the crt file doesn't have this
------ BEGIN CERTIFICATE
...
------ END CERTIFICATE
format

Any ideas/comments are welcome,

Andreas