Manuals / Brands / Computer Equipment / Software / HP / Computer Equipment / Software

HP UX Direry Server task, Table, Table, NOTE:, Table, Table, option, modutil, Tasks and options, “Options for modutil”, “Options for modutil”, “Task commands for modutil”

1 68

Download 68 pages, 1.59 Mb

Where task is one of the commands listed in Table 4-1 “Task commands for modutil” and option is from Table 4-2 “Options for modutil”. Each modutil command can take one task and one option.

Tasks and options You can use the modutil tool to perform a number of different tasks. These tasks are specified through the use of commands and options. Commands specify the task to perform. Options modify a task command.

NOTE:

Each modutil command can take one task and one option.

Table 4-1 “Task commands for modutil” describes what the modutil commands do and what options are available for each. Table 4-2 “Options for modutil” defines what the options do.

Table 4-1 Task commands for modutil

Tasks	Description	Allowed options
-addmoduleName	Adds the named PKCS #11 module	-libfilelibraryFile
	to the database.	-mechanismsmechanismList

-changepw token	Changes the password for the named	-pwfilepasswordFile
	token. If the token has not been	-newpwfilenewPasswordFile
	initialized, this option initializes it
	with the supplied password. In this
	context, the term password is
	equivalent to a personal identification
	number (PIN).

-create	Creates new secmod.db, key3.db,	-dbdirdbFolder
	and cert8.db files. If any of these
	security databases already exist in a
	specified directory, the modutil tool
	displays an error message.

-defaultmoduleName	Sets the security mechanisms for	-mechanismsmechanismList
	which the named module is a default
	provider.

-deletemoduleName	Deletes the named module.
	You cannot delete the internal PKCS
	#11 module.

-disablemoduleName	Disables all slots on the named	-slotslotName
	module. To disable a specific slot, use
	the -slotoption.

-enablemoduleName	Enables all slots on the named	-slotslotName
	module. To enable a specific slot, use
	the -slotoption.

-fipstrue false	Enables or disables FIPS-140-1
	compliance for the internal module.
	true enabled FIPS compliance, and
	false disable FIPS compliance.

-force	Disables the modutil tool's
	interactive prompts so it can be run
	from a script. Use this command only
	after manually testing each planned
	operation to check for warnings and
	to ensure that bypassing the prompts
	will cause no security lapses or loss
	of database integrity.

46 Admin Server command-line tools

Contents

HP-UXDirectory Server Version Page Table of Contents Glossary Index 1 Introduction to HP-UXDirectory Server SSL TLS NOTE: 2 Admin Server configuration 2.1 Directory Server file locations 2.2 Starting and stopping the Admin Server 2.2.1Starting and stopping Admin Server from the console 2.2.2 Starting and stopping Admin Server from the command Line 2.3 Opening the Admin Server console Figure 2-1Login box TIP: Open 2.4 Viewing logs 2.4.1Viewing the logs through the console 2.4.2 Viewing logs in the command line 2.4.3 Changing the log name in the console 2.4.4 Changing the log location in the command line 2.5Changing the port number 2.5.1Changing the port number in the console 2.5.2Changing the port number in the command line 2.6Setting host restrictions 2.6.1Setting host restrictions in the console 2.6.2 Setting host restrictions in the command line 2.7Changing the admin user's name and password 2.8Working with SSL 2.8.1 Requesting and installing a server certificate •Server Name IMPORTANT: •Organization •Organizational Unit (Optional) A descriptive name for the organization within the company Request Submission Copy to Clipboard Save to File Install In this local file In the following encoded text block 2.8.2 Installing a CA certificate CA Certs Next •Accepting connections from clients (Client Authentication) •Accepting connections to other servers (Server Authentication) 2.8.3Enabling SSL 4.Select the Enable SSL for this server checkbox 5.Select the Use this cipher family: RSA checkbox Internal (Software-based) Settings 2.8.4 Creating a password file for the Admin Server 2.9 Changing Directory Server settings 2.9.1 Changing the configuration directory host or port 2.9.2Changing the user directory host or port Use Default User Directory Set User Directory LDAP Host and Port Give the User Directory Subtree 3 Admin express 3.1 Managing servers in Admin Express 3.1.1Opening Admin Express 3.1.2 Starting and stopping servers 3.1.3 Viewing server logs 3.1.4 Viewing server information 3.1.5 Monitoring replication from Admin Express supplier consumer nobody grep \^User /etc/opt/dirsrv/admin-serv/console.conf chmod 0400 filename Figure 3-4Viewing replication status Figure 3-5Viewing replication status 3.2 Configuring Admin Express 3.2.1 Admin Express file locations 3.2.2 Admin Express configuration files 3.2.2.1 Files for the Admin Server welcome page Figure 3-6Intro page elements directive The text files themselves have inline formatting for the inserted table rows 3.2.2.2 Files for the replication status appearance 3.2.2.3 Files for the server information page 3.2.2.4 Files for the server logs page 3.2.3 Admin Express directives Table 3-2Admin Express directives (continued) Page 4 Admin Server command-linetools 4.1 sec-activate 4.2 modutil task “Task commands for modutil” option “Options for modutil” Tasks and options Table 4-1Task commands for modutil (continued) Table 4-2Options for modutil Table 4-2Options for modutil (continued) JAR information file JAR (Java Archive) is a platform-independent file format that aggregates many files into one. JAR files are used by •“Enabling a slot” •“Enabling FIPS compliance” •“Adding a cryptographic module” •“Changing the password on a token” Creating database files modutil -fipstrue FIPS mode enabled Adding a cryptographic module Module "Cryptorific Module" added to database Changing the password on a token 5 Support and other resources 5.1 Contacting HP 5.1.1 Information to collect before contacting HP 5.1.2How to contact HP technical support 5.1.3HP authorized resellers 5.2.2 HP-UXdocumentation set 5.2.3Troubleshooting resources 5.3 Typographic conventions Page Glossary bind See bind DN bind DN bind rule branch entry CoS definition entry affects CoS template Contains a list of the shared attribute values file type extension (for example, .GIF or .HTML) filter filtered role role LDAP and across multiple platforms LDAP client Software used to request and view LDAP entries from an LDAP Directory Server See also browser determine which server holds the most recent version multiplexor n + 1 directory problem resulting in increased hardware and personnel costs presence index Allows searches for entries that contain a specific indexed attribute protocol A set of rules that describes how devices on a network exchange information protocol data unit SASL Simple Authentication and Security Layer schema access the directory may be unable to display the proper results superuser privileges to all files on the machine. Also called root servers supplier server called a supplier for that replica Page Index