Siteminder R12 Documenations said.
Considerations for Existing LDAP User Directory Connections Over SSL
Configuring an LDAP user directory connection over SSL requires that you configure CA SiteMinder to use your certificate database files.
The Policy Server requires that the certificate database files be in the Netscape cert8.db file format. Use the Mozilla Network Security Services (NSS) certutil application installed with the Policy Server to convert existing cert7.db certificate database files to cert8.db format.
Note: The following procedure details the specific options and arguments to complete the task. For a complete list of the NSS utility options and arguments, refer to the Mozilla documentation on the NSS project page.
Important! Before running a CA SiteMinder utility or executable on Windows Server 2008, open the command line window with administrator permissions. Open the command line window this way, even if your account has administrator privileges.
To convert the certificate database file
From a command prompt, navigate to the Policy Server installation bin directory.
Example: C:\Program Files\CA\SiteMinder\bin
Note: Windows has a native certutil utility. Verify that you are working from the Policy Server bin directory, or you can inadvertently run the Windows certutil utility.
Enter the following command:
certutil -L -d certificate_database_directory [-p prefix_name] -X
-d certificate_database_directory
Specifies the directory that contains the certificate database files to convert.
-p prefix_name
(Optional) Specifies any prefix used when creating the existing cert7.db file (for example, my_cert7.db).
Certutil converts the existing cert7.db file to cert8.db format.
If I am using RedHat 6, anyone know how to get this certutil?