In a mixed environment of Entrust IDs and non-Entrust certificates, each side (client and server) must import the other’s CA certificate so that it will be recognized and accepted as coming from a trusted CA. For example, import the Entrust CA certificate into the non-Entrust server’s PKCS #11 token using EAServer Manager | Certificates folder (the Entrust CA certificate is imbedded in the user profile’s .key file). Mark the CA certificate trusted.
See Chapter 14, “Managing Keys and Certificates” for information about importing CAs and marking certificates as trusted.
You can then use the certificates and Entrust IDs as follows:
Client side client applications establish security through the ORB/global property or callback feature.
Server side to allow non-Entrust clients, select the allow non-Entrust client check box when you configure a security profile. See “Configuring security profiles” for more information.
