So if I understand this right, there are three ways to make the certs
for an eDir to eDir driver. I think I need to write an article, but I
am still unclear of some details. (Research time...)
DirXML 1.1a days, you get Tree1's Public key, you make a cert in Tree 1.
You make a cert request in Tree 2, using the CSR, you sign it in Tree
1, and set the resulting private key in tree 2.
If I read this right, it is the local tree's certs KMO name. No space
dash space server name involved here. Just PKI name.
IDM 2-today: iManager Wizard.
In this case, the syntax is OtherTreeCert(ThisTreeCert) again, no space
dash space Server name ( - SERVER) in the strings.
IDM 3-today: Designer Cert Wizard
Here you have three options, that are unclear to me, as to the
difference, in terms of consequence.
Tree A is Trusted by Tree B
Tree B is Trusted by Tree A
Mutual Trust (which I usually use).
For Mutual trust XeDirectory:eDirectory
Does that all seem correct?