HP-UX Trusted Computing Services A.02.00 Administrator's Guide
defined in RFC 2255 and can include additional components, such as the LDAP directory
base.
<Directory "/myProtectedDirectory">
AuthName "myAuthName"
AuthName "myServer LDAP name"
AuthType Basic
Require valid-user
# Stunnel listens on localhost:7777
AuthLDAPURL ldap://localhost:7777
</Directory>
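A configuration check for the block above, added here as an example (it is not part of the HP guide): because AuthLDAPURL uses the cleartext ldap:// scheme, the LDAP bind credentials are protected only while the URL points at the local Stunnel listener. The second Directory block and ldap.example.com are constructed sample input, and audit_ldap_urls and its verdict names are hypothetical; the check looks only at the URL itself.

```python
import ipaddress
import re

# Constructed sample: the page's directive plus a hypothetical second directory
# that points straight at a remote server (ldap.example.com is a placeholder).
SAMPLE_CONF = """
<Directory "/myProtectedDirectory">
# Stunnel listens on localhost:7777
AuthLDAPURL ldap://localhost:7777
</Directory>
<Directory "/otherDirectory">
AuthLDAPURL "ldap://ldap.example.com:389/dc=example,dc=com?uid"
</Directory>
"""

DIRECTIVE = re.compile(r'^\s*AuthLDAPURL\s+("[^"]*"|\S+)', re.IGNORECASE)
LDAP_URL = re.compile(r'(ldaps?)://([^/?]*)', re.IGNORECASE)

def host_of(hostport):
    if hostport.startswith("["):  # bracketed IPv6 literal, e.g. [::1]:7777
        return hostport[1:hostport.find("]")]
    return hostport.rsplit(":", 1)[0]

def is_loopback(host):
    try:
        return host.lower() == "localhost" or ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # any other name may resolve to a remote address

def audit_ldap_urls(conf_text):
    """Return (line_no, url, verdict) for each AuthLDAPURL directive."""
    findings = []
    for line_no, line in enumerate(conf_text.splitlines(), 1):
        found = DIRECTIVE.match(line)
        if not found:
            continue
        url = found.group(1).strip('"')
        parsed = LDAP_URL.match(url)
        hosts = parsed.group(2).split() if parsed else []
        if not parsed:
            verdict = "unparsed"
        elif parsed.group(1).lower() == "ldaps":
            verdict = "tls"        # the LDAP module encrypts the connection itself
        elif hosts and all(is_loopback(host_of(h)) for h in hosts):
            verdict = "loopback"   # cleartext stays on the host; Stunnel adds TLS
        else:
            verdict = "cleartext"  # bind credentials cross the network unencrypted
        findings.append((line_no, url, verdict))
    return findings
```

Any "cleartext" verdict marks a directory whose LDAP traffic bypasses the Stunnel tunnel and therefore the TPM-protected client certificate.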
Secure LDAP Server Configuration
Using the TPM-protected key for the client certificate is transparent to the server, and the
configuration on the secure LDAP server is the same as it would be for any secure LDAP client.
Distribute and install the client certificate as described in the LDAP server documentation.
Backing Up Keys
Key backup is a two-step process for TCS RSA key pairs:
1. Back up the TCS RSA key pairs. These are the key blob files created by tpmcreate, and
you can back them up as you would any other files, using any file backup utility.
2. Back up and restore the TPM key hierarchy using the tpmadm command. For more
information, see “Creating and Restoring TPM Key Backup Files” (page 31).