Chapter 6. Command-Line Utilities
244
Option
Description
-3
Specifies that hostnames should be checked in
SSL certificates.
-I
Specifies the SSL key password
file
that contains
the token:password pair.
-K
Specifies the absolute path, including the
filename, of the private key database of the
client.
The
-K
option must be specified when the key
database has a different name than
key3.db
or when the key database is not under the
same directory as the certificate database, the
cert8.db
file (the path which is specified with
the
-P
option).
-m
Specifies the path to the security module
database, such as
/etc/dirsrv/
slapd-
instance_name
/secmod.db
. This
option only need to be given if the security
module database is in a different directory than
the certificate database itself.
-N
Specifies the certificate name to use for
certificate-based client authentication, such as
-
N "Server-Cert"
. If this option is specified,
then the
-Z
,
-P
, and
-W
options are required.
Also, if this option is specified, then the
-D
and
-w
options must
not
be specified, or certificate-
based authentication will not occur, and the bind
operation will use the authentication credentials
specified on
-D
and
-w
.
-P
Specifies the absolute path, including the option,
of the certificate database of the client. This
option is used only with the
-Z
option.
When used on a machine where an SSL-enabled
web browser is configured, the path specified on
this option can be that of the certificate database
for the browser. For example:
-P /security/cert.db
The client security files can also be stored on
the Directory Server in the
/etc/dirsrv/
slapd-
instance_name
directory. In this case,
the
-P
option would call out a path and filename
similar to the following:
-P /etc/dirsrv/slapd-
instance_name
/client-
cert.db
Содержание 8.1
Страница 8: ...viii ...
Страница 14: ...xiv ...
Страница 16: ...2 ...
Страница 250: ...236 ...
Страница 334: ...320 ...
Страница 372: ...358 ...