Red Hat Directory Server 8.0 Configuration, Command, and File Reference
specify the following:
ldapsearch { -Z, -ZZ, -ZZZ } [ -p secure_port ] [ -P certificate_database ] [ -N
certificate_name ] [ -K key_database ] [ -W key database password ]
NOTE
To run ldapsearch over TLS/SSL, either the -Z option is required (for SSL) or
the -ZZ or -ZZZ option is required (for Start TLS).
Option Description
-3 Specifies that hostnames should be checked
in SSL certificates.
-I Specifies the SSL key password file that
contains the token:password pair.
-K
Specifies the absolute path, including the
filename, of the private key database of the
client.
The -K option must be specified when the key
database has a different name than key3.db
or when the key database is not under the
same directory as the certificate database, the
cert8.db file (the path which is specified with
the -P option).
-m Specifies the path to the security module
database, such as
/etc/dirsrv/slapd-instance_name/secmod.db.
This option only need to be given if the
security module database is in a different
directory than the certificate database itself.
-N Specifies the certificate name to use for
certificate-based client authentication, such as
-N "Server-Cert". If this option is specified,
then the -Z, -P, and -W options are required.
Also, if this option is specified, then the -D
and -w options must not be specified, or
certificate-based authentication will not occur,
and the bind operation will use the
authentication credentials specified on -D and
-w.
-P
Specifies the absolute path, including the
Chapter 6. Command-Line Utilities
202