Chapter 6. Command-Line Utilities
262
Option
Description
-3
Specifies that hostnames should be checked in
SSL certificates.
-I
Specifies the SSL key password
file
that contains
the token:password pair.
-K
Specifies the path, including the filename, of
the private key database of the client. Either
the absolute or relative (to the server root) path
can be used. The
-K
option must be used when
the key database has a different name than
key3.db
or when the key database is not under
the same directory as the certificate database,
the
cert8.db
file (the path for which is specified
with the
-P
option).
-N
Specifies the certificate name to use for
certificate-based client authentication. For
example:
-N Server-Cert
If this option is specified, then the
-Z
and
-
W
options are required. Also, if this option is
specified, then the
-D
and
-w
options must not
be specified, or certificate-based authentication
will not occur, and the bind operation will use the
authentication credentials specified on
-D
and
-
w
.
-P
Specifies the absolute path, including the
filename, of the certificate database of the client.
This option is used only with the
-Z
option.
When used on a machine where an SSL-enabled
web browser is configured, the path specified
on this option can be pointed to the certificate
database for the web browser. For example:
-P /security/cert.db
The client security files can be stored on
the Directory Server in the
/etc/dirsrv/
slapd-
instance_name
directory. In this case,
the
-P
option calls out a path and filename
similar to the following:
-P /etc/dirsrv/slapd-
instance_name
/client-
cert.db
-Q
Specifies the token and certificate name, which is
separated by a semicolon (:) for PKCS11.
Summary of Contents for 8.1
Page 8: ...viii ...
Page 14: ...xiv ...
Page 16: ...2 ...
Page 250: ...236 ...
Page 334: ...320 ...
Page 372: ...358 ...