Red Hat Directory Server 8.0 Configuration, Command, and File Reference
Parameter Description
Example nsslapd-auditlog-mode: 600
3.1.34. nsslapd-certdir (Certificate and Key Database Directory)
This is the full path to the directory holding the certificate and key databases for a Directory
Server instance. This directory must contain only the certificate and key databases for this
instance and no other instances. This directory must be owned and allow read-write access for
the server user ID. No other user should have read-right access to this directory. The default
location is the configuration file directory, /etc/dirsrv/slapd-instance_name.
Changes to this value will not take effect until the server is restarted.
Parameter Description
Entry DN cn=config
Valid Values Absolute path to any directory which is owned
by the server user ID and only allows read
and write access to the server user ID
Default Value /etc/dirsrv/slapd-instance_name
Syntax DirectoryString
Example /etc/dirsrv/slapd-phonebook
3.1.35. nsslapd-certmap-basedn (Certificate Map Search Base)
This attribute can be used when client authentication is performed using SSL certificates in
order to avoid limitations of the security subsystem certificate mapping, configured in the
certmap.conf file. Depending on the certmap.conf configuration, the certificate mapping may
be done using a directory subtree search based at the root DN. If the search is based at the root
DN, then the nsslapd-certmap-basedn attribute may force the search to be based at some
entry other than the root. The valid value for this attribute is the DN of the suffix or subtree to
use for certificate mapping. For further information on configuring for SSL, see the "Managing
SSL" chapter in the Directory Server Administrator's Guide.
3.1.36. nsslapd-config
This read-only attribute is the config DN.
Parameter Description
Entry DN cn=config
Valid Values Any valid configuration DN
Default Value
Syntax DirectoryString
Chapter 2. Core Server Configuration Reference
30