Manualshelf

LDAP-UX Client Services B.04.00.02 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
11121314151617181920
LDAP-UX Client Services Release Notes
Installing, Configuring and Removing LDAP-UX
Chapter 112
Step 3. Use the certutil utility with the -N option to initialize a new database:
/opt/ldapux/contrib/bin/certutil -N -d /etc/opt/ldapux
Step 4. Add the CA certificate or the LDAP server’s certificate to the security
database:
To use the certutil command to add a CA certificate to the
database:
For example, the following command adds the CA certificate,
my-ca-cert, to the security database directory, /etc/opt/ldapux,
with the Base64-Encoded certificate request file, /tmp/mynew.cert:
/opt/ldapux/contrib/bin/certutil -A -n my-ca-cert -t \
"C,," -d /etc/opt/ldapux -a -i /tmp/mynew.cert
NOTE The -t "C,," represents the minimum trust attributes that may be
assigned to the CA certificate for LDAP-UX to successfully use SSL
to connect to the LDAP directory server. If you have other
applications that use the CA certificate for other functions, then you
may wish to assign additional trust flags. See
http://www.mozilla.org/projects/security/pki/nss/tools/certutil.ht
ml for additional information.
To use the certutil command to add the LDAP server’s certificate
to the security database:
For example, the following command adds the LDAP server’s
certificate, my-server-cert, to the security database directory,
/etc/opt/ldapux, with the Base64-Encoded certificate request file,
/tmp/mynew.cert.
/opt/ldapux/contrib/bin/certutil -A -n my-server-cert -t \
"P,," -d /etc/opt/ldapux -a -i /tmp/mynew.cert