Configuring a secure connection to the EIM domain controller

You may want to use Secure Sockets Layer (SSL) or Transport Layer Security Protocol (TLS) to establish a secure connection to the Enterprise Identity Mapping (EIM) domain controller to protect the transmission of EIM data.

To configure SSL or TLS for EIM, you must complete these tasks:

If necessary, use Digital Certificate Manager (DCM) to create a certificate for the directory server to use for SSL.
Enable SSL for the local directory server that hosts the EIM domain controller.
Update EIM Configuration properties to specify that the IBM® i model uses a secure SSL connection.
To update the EIM Configuration properties, complete these steps:
1. From IBM Navigator for i on they system for which you configured EIM, expand Security > All Tasks > Enterprise Identity Mapping.
2. Click Configuration.
3. Select the system you want to work with then right-click and select Properties.
4. On the Domain page, select Use secure connection (SSL or TLS), specify the secure port on which your directory server listens or accept the default value of 636 in the Port field, and click OK.
Update EIM Domain properties for each EIM domain to specify that EIM uses an SSL connection when managing the domain through IBM Navigator for i.
To update the EIM Domain properties, complete these steps:
1. From IBM Navigator for i on they system for which you configured EIM , expand Security > All Tasks > Enterprise Identity Mapping.
2. Click Domain Management
3. Right-click the EIM domain in which you want to work and select Properties.
  - If the EIM domain you want to work with is not listed under Domain Management, review Add an EIM domain to Domain Management.
  - If you are not currently connected to the EIM domain in which you want to work, review Connect to the EIM domain controller.
4. On the Domain page, select Use secure connection (SSL or TLS), specify the secure port on which your directory server listens or accept the default value of 636 in the Port field, and click OK.