I need detailed instructions on how to create the certificate in AD to use with Authentication Manager 8.1. I am unable to find these steps and they are NOT in the documentation.
Do you mean a certificate used to configure an LDAPS identity source connection between AM 8.1 and AD? Or do you want to replace the default AM 8.1 console certificate with a new one signed by your local domain controller CA?
In case you want option 1, you may find KB 000030537 helpful.
There are 3 kinds of certs in Auth Manager, as Mostafa alluded to: 2 might be replacements for RSA self-signed certs, 1 is for LDAPS encrypted connections for an External Identity Source:
1. To replace the server console certs used for https://<rsa_am_name>:7004/console-ims you must generate a CSR (Certificate Signing Request) for a console identity certificate in the RSA AM Operations Console, https://<rsa_am_name>:7072/operations-console
Get this CSR signed by a public or your private Microsoft Certificate Authority (CA), and import the response file, see attached.
2. Web Tiers can have a Virtual Host, which faces the public internet. Similar concept: generate a CSR for a replacement to your RSA-signed Virtual Host certificate in the Operations Console, then import the signed response. Let me know if you need details on this.
3. If you want your external AD identity source to use encrypted LDAPS on TCP port 636 instead of unencrypted LDAP on TCP port 389, you just need a copy of the Cert from a Domain Controller that you are pointing to, see attached.