Installing the PingDirectoryProxy server with a truststore in non-interactive mode
About this task
If you’ve already configured a trust store, you can use the setup
tool to enable security. The following example enables SSL security and specifies a Java KeyStore (JKS) and truststore that define the server certificate and trusted certificate authority (CA). The passwords for the keystore files are defined in the corresponding .pin
files, where the password displays on the first line of the file. The values in the .pin
files are copied to the server-root/config
directory in the keystore.pin
and truststore.pin
files.
Steps
-
To install a PingDirectoryProxy server with a truststore, run the
setup
tool.$ env JAVA_HOME=/ds/java ./setup \ --no-prompt --rootUserDN "cn=Directory Manager" \ --rootUserPassword "password" \ --ldapPort 389 --ldapsPort 636 \ --useJavaKeystore /path/to/devkeystore.jks \ --keyStorePasswordFile /path/to/devkeystore.pin \ --certNickName server-cert \ --useJavaTrustStore /path/to/devtruststore.jks \ --acceptLicense \ --instanceName ds1 --location Denver In order to update the trust store, the password must be provided See 'prepare-external-server --help' for general overview Testing connection to ds-east-01.example.com:1636 ..... Done Testing 'cn=Proxy User,cn=Root DNs,cn=config' access ..... Created 'cn=Proxy User,cn=Root DNs,cn=config' Testing 'cn=Proxy User,cn=Root DNs,cn=config' access ..... Done Testing 'cn=Proxy User,cn=Root DNs,cn=config' privileges ..... Done Verifying backend 'dc=example,dc=com' ..... Done