HP-UX IPSec Version A.03.00 Administrator's Guide
Range: 1 - 65535.
Default: 389, the IANA registered TCP port number for LDAP.
-base search_base
Search base for the certificate, in X.500 Distinguished Name (DN) format, such as
C=US,O=HP,OU=Lab. The search base with the search filter appended to it forms a search path
to the location of the userCertificate attribute in the LDAP directory.
If there are spaces in the DN, you must enclose the DN in double quotes (""). For example,
"C=US,O=My Company,OU=Blue Lab".
Default: None.
-filter search_filter
An RFC 2254-compliant LDAP search filter. If it includes spaces or shell special characters, enclose
the value in double quotes. For example, -filter "objectClass=*".
Default: "objectClass=*" (match all values for objectClass).
-user user -password password
User and password needed to access the LDAP directory. If the user name includes spaces,
enclose the name in double quotes.
Default: None.
Examples
The following example retrieves a host certificate from a directory server with a simple tree
structure:
ipsec_config add mycert -ldap myDirSrv.hp.com \
-base "o=HPUXIPSec" \
-filter "cn=myHost"
The following example retrieves a host certificate from a directory server with a more complex
tree structure that also requires password authorization:
ipsec_config add mycert -ldap myADS.hp.com \
-base "cn=myHostB,cn=Public Key Services,CN=Services,CN=Configuration,DC=IPsec,DC=hp,DC=com" \
-filter "objectClass=certificate" \
-user "adminCW@hp.com" \
-password myPass
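The following is an added example, not part of the HP guide: a shell helper that builds the -filter value from a host name, escaping the characters RFC 2254 reserves, and passes the search base and filter as quoted arguments. The function names are hypothetical, and it assumes ipsec_config hands the filter to the directory server unchanged.

```shell
#!/bin/sh
# Added example (not from the HP guide). Function names are hypothetical.

# rfc2254_escape VALUE
# Replace the characters RFC 2254 reserves inside an assertion value
# (backslash, asterisk, parentheses) with \XX hex escapes.
# The backslash is handled first so the escapes added later are not re-escaped.
rfc2254_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' \
                           -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' \
                           -e 's/)/\\29/g'
}

# mycert_filter ATTR VALUE
# Print ATTR=VALUE with VALUE escaped, in the same unparenthesized form the
# examples on this page use (cn=myHost). Rejects attribute names that
# contain anything other than letters, digits, '.' and '-'.
mycert_filter() {
    case $1 in
        ''|*[!A-Za-z0-9.-]*) echo "bad attribute name: $1" >&2; return 1 ;;
    esac
    printf '%s=%s' "$1" "$(rfc2254_escape "$2")"
}

# add_mycert SERVER SEARCH_BASE ATTR VALUE
# Run ipsec_config with only the options documented on this page.
# Quoting "$2" and "$filter" keeps DNs with spaces and filters with shell
# special characters intact as single arguments.
add_mycert() {
    filter=$(mycert_filter "$3" "$4") || return 1
    ipsec_config add mycert -ldap "$1" -base "$2" -filter "$filter"
}

# Usage, with the constructed values from the first example above:
#   add_mycert myDirSrv.hp.com "o=HPUXIPSec" cn myHost
```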
Step 2: Adding the Local Certificate 123