Installing And Configuring LDAP-UX Client Services

Configure the LDAP-UX Client Services with SSL Support

NOTE: The -t "C,," represents the minimum trust attributes that may be assigned to the CA certificate for LDAP-UX to successfully use SSL to connect to the LDAP directory server. If you have other applications that use the CA certificate for other functions, then you may wish to assign additional trust flags. See http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html for additional information.

To use the certutil command to add the LDAP server’s certificate to the security database:

For example, the following command adds the LDAP server’s certificate, my-server-cert, to the security database directory, /etc/opt/ldapux, with the Base64-Encoded certificate request file, /tmp/mynew.cert:

/opt/ldapux/contrib/bin/certutil -A -n my-server-cert -t "P,," -d /etc/opt/ldapux -a -i /tmp/mynew.cert

NOTE: The -t "P,," represents the minimum trust attributes that may be assigned to the LDAP server’s certificate for LDAP-UX to successfully use SSL to connect to the LDAP directory server. See http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html for additional information.
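To confirm that both entries ended up with the trust flags described above, the following added example (not part of the original manual) parses the nickname and trust listing that certutil -L prints and tests the SSL field of each entry. The listing embedded in it is constructed, and the nicknames my-ca-cert and old-test-cert are assumptions used only for illustration.

```shell
#!/bin/sh
# Added example; sample data is constructed, my-ca-cert is a hypothetical nickname.
# Real use: /opt/ldapux/contrib/bin/certutil -L -d /etc/opt/ldapux | audit CA SERVER

# ssl_trust NICK: print the SSL trust field (first of three) for NICK from stdin.
ssl_trust() {
    awk -v nick="$1" '
        NF >= 2 && $NF ~ /^[A-Za-z]*,[A-Za-z]*,[A-Za-z]*$/ {
            name = $0
            sub(/[ \t]+[^ \t]+[ \t]*$/, "", name)   # drop the trust column
            sub(/^[ \t]+/, "", name)
            if (name == nick) { split($NF, f, ","); print f[1]; found = 1; exit }
        }
        END { if (!found) exit 1 }'
}

# has_ssl_flag NICK FLAG: 0 = flag present, 1 = absent, 2 = nickname not found.
# Flags are case-sensitive: "p" (valid peer) does not satisfy "P" (trusted peer).
has_ssl_flag() {
    field=$(ssl_trust "$1") || return 2
    case "$field" in *"$2"*) return 0 ;; *) return 1 ;; esac
}

# audit CA_NICK SERVER_NICK: require C on the CA entry and P on the server entry.
audit() {
    listing=$(cat); rc=0
    for pair in "$1:C" "$2:P"; do
        nick=${pair%:*}; flag=${pair##*:}
        if printf '%s\n' "$listing" | has_ssl_flag "$nick" "$flag"; then
            echo "OK   $nick has $flag"
        else
            echo "FAIL $nick lacks $flag in the SSL trust field"; rc=1
        fi
    done
    return $rc
}

sample_listing() {   # constructed output in the layout certutil -L prints
    cat <<'EOF'
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

my-ca-cert                                                   C,,
my-server-cert                                               P,,
old-test-cert                                                p,,
EOF
}

sample_listing | audit my-ca-cert my-server-cert
```

A non-zero exit status from audit means at least one entry is missing from the database or carries weaker flags than the minimum named in the notes above.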
