opendj-sdk/opends/src/ads/org/opends/admin/ads/ADSContext.java
@@ -762,12 +762,13 @@ * The call to this method assumes that OpenDS.jar has already been loaded. * So this should not be called by the Java Web Start before being sure that * this jar is loaded. * @param backendName the backend name which will handle admin inforamtion. * @throws ADSContextException if something goes wrong. */ public void createAdminData() throws ADSContextException public void createAdminData(String backendName) throws ADSContextException { // Add the administration suffix createAdministrationSuffix(); createAdministrationSuffix(backendName); // Create the DIT below the administration suffix createTopContainerEntry(); @@ -1748,13 +1749,19 @@ /** * Creates the Administration Suffix. * @param backendName TODO * @throws ADSContextException if something goes wrong. */ private void createAdministrationSuffix() private void createAdministrationSuffix(String backendName) throws ADSContextException { ADSContextHelper helper = new ADSContextHelper(); helper.createAdministrationSuffix(getDirContext(), getBackendName(), String ben = backendName ; if (backendName == null) { ben = getBackendName() ; } helper.createAdministrationSuffix(getDirContext(), ben, "db", "importAdminTemp"); } opendj-sdk/opends/src/ads/org/opends/admin/ads/util/ConnectionUtils.java
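Review bot: In createAdministrationSuffix the new Javadoc line `@param backendName TODO` is a placeholder, and the fallback it should describe only triggers on `null`. An empty or blank name, which the create-ads path in DsServiceCliAds.java now passes straight from the command line, reaches `helper.createAdministrationSuffix` unchanged. I would document it as `@param backendName the backend that holds the administration data, or null to use getBackendName()` and widen the guard to `if (backendName == null || backendName.trim().length() == 0)`. The same null convention belongs on the public `createAdminData(String backendName)` Javadoc, where "inforamtion" is misspelled. That comment should also say that the database and import directories are now the fixed literals `"db"` and `"importAdminTemp"` for every caller.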
@@ -233,11 +233,12 @@ * @param pwd passed as Context.SECURITY_CREDENTIALS if not null. * @param timeout passed as com.sun.jndi.ldap.connect.timeout if > 0. * @param env null or additional environment properties. * @param trustManager null or the trust manager to be invoked during SSL. * @param trustManager null or the trust manager to be invoked during SSL * negociation. * @param keyManager null or the key manager to be invoked during SSL * negociation. * @param verifier null or the hostname verifier to be setup in the * StartTlsResponse. * * @return the established connection with the given parameters. * * @throws NamingException the exception thrown when instantiating @@ -252,7 +253,8 @@ public static InitialLdapContext createStartTLSContext(String ldapsURL, String dn, String pwd, int timeout, Hashtable<String, String> env, TrustManager trustManager, HostnameVerifier verifier) TrustManager trustManager, KeyManager keyManager, HostnameVerifier verifier) throws NamingException { if (trustManager == null) @@ -282,6 +284,7 @@ final String fDn = dn; final String fPwd = pwd; final TrustManager fTrustManager = trustManager; final KeyManager fKeyManager = keyManager; final HostnameVerifier fVerifier = verifier; Thread t = new Thread(new Runnable() { @@ -296,7 +299,7 @@ tls.setHostnameVerifier(fVerifier); try { tls.negotiate(new TrustedSocketFactory(fTrustManager,null)); tls.negotiate(new TrustedSocketFactory(fTrustManager,fKeyManager)); } catch(IOException x) { NamingException xx; opendj-sdk/opends/src/ads/org/opends/admin/ads/util/ServerLoader.java
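Review bot: The Javadoc for `trustManager`, `keyManager` and `verifier` says each may be null but not what null does, which is the security-relevant part of this signature. The `if (trustManager == null)` branch starts at the edge of the second hunk and its body is not visible; the comment added in DsServiceCliParser.getTrustManager suggests a trust manager that accepts any certificate is substituted there. `tls.setHostnameVerifier(fVerifier)` receives whatever the caller passed, and both the ServerLoader and DsServiceCliMain call sites in this commit pass null for it. Please state the behaviour, along the lines of `@param trustManager the trust manager for the TLS handshake; if null, <name the fallback and whether the server certificate is still validated>`, and do the same for `keyManager` (presumably no client certificate is presented) and `verifier`. "negociation" should read "negotiation" in both descriptions.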
@@ -250,7 +250,7 @@ { ctx = ConnectionUtils.createStartTLSContext(lastLdapUrl, dn, pwd, ConnectionUtils.getDefaultLDAPTimeout(), null, trustManager, null); null, null); } } else opendj-sdk/opends/src/quicksetup/org/opends/quicksetup/installer/Installer.java
@@ -1606,7 +1606,7 @@ notifyListeners(getFormattedWithPoints( getMsg("progress-creating-ads-on-remote", getHostDisplay(auth)))); adsContext.createAdminData(); adsContext.createAdminData(null); adsContext.createAdministrator(getAdministratorProperties()); adsContext.registerServer( getRemoteServerProperties(auth.getHostName(), @@ -3544,7 +3544,7 @@ try { ADSContext adsContext = new ADSContext(ctx); adsContext.createAdminData(); adsContext.createAdminData(null); adsContext.registerServer(getNewServerAdsProperties()); if (getUserData().mustCreateAdministrator()) { opendj-sdk/opends/src/quicksetup/org/opends/quicksetup/util/Utils.java
@@ -944,7 +944,7 @@ throws NamingException { return ConnectionUtils.createStartTLSContext(ldapsURL, dn, pwd, timeout, env, trustManager, verifier); env, trustManager, null, verifier); } opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliAds.java
@@ -115,7 +115,7 @@ { // Create-ads subcommand createAdsSubCmd = new SubCommand(argParser, SubCommandNameEnum.CREATE_ADS .toString(), true, 3, 3, OPERAND_BACKEND, .toString(), true, 1, 1, OPERAND_BACKEND, MSGID_ADMIN_SUBCMD_CREATE_ADS_DESCRIPTION); createAdsSubCmd.setHidden(true); @@ -147,12 +147,7 @@ if (subCmd.getName().equals(createAdsSubCmd.getName())) { String backendName = subCmd.getTrailingArguments().get(0); String dbDirectory = subCmd.getTrailingArguments().get(1); String importTempDirectory = subCmd.getTrailingArguments().get(2); ADSContextHelper helper = new ADSContextHelper(); adsContext.createAdminData(); helper.createAdministrationSuffix(adsContext.getDirContext(), backendName, dbDirectory, importTempDirectory); adsContext.createAdminData(backendName); return ReturnCode.SUCCESSFUL; } else if (subCmd.getName().equals(deleteAdsSubCmd.getName())) opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliMain.java
@@ -244,6 +244,25 @@ } } else if (argParser.startTLS()) { String ldapsUrl = "ldaps://" + host + ":" + port; try { ctx = ConnectionUtils.createStartTLSContext(ldapsUrl, dn, pwd, ConnectionUtils.getDefaultLDAPTimeout(), null, argParser .getTrustManager(), argParser.getKeyManager(), null); } catch (NamingException e) { int msgID = MSGID_ADMIN_CANNOT_CONNECT_TO_ADS; String message = getMessage(msgID, host); err.println(wrapText(message, MAX_LINE_WIDTH)); return ReturnCode.CANNOT_CONNECT_TO_ADS.getReturnCode(); } } else { String ldapUrl = "ldap://" + host + ":" + port; try opendj-sdk/opends/src/server/org/opends/server/admin/client/cli/DsServiceCliParser.java
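Review bot: The `catch (NamingException e)` in the new StartTLS branch discards `e`, so a rejected server certificate, a failed TLS negotiation and an unreachable port all produce the same MSGID_ADMIN_CANNOT_CONNECT_TO_ADS line. For a connection that carries the bind DN and password, the operator needs to tell a trust failure from a network failure, so the cause should be kept, for example by logging `e` at the catch or printing `e.getMessage()` when verbose is set. Separately, `argParser.getKeyManager()` is now called on every StartTLS connection, and its return path calls `keyStorePasswordValue.toCharArray()` on a variable initialised to null. Unless the part of that method outside the visible hunks always assigns it, a StartTLS run without key store options would end in a NullPointerException instead of connecting without a client certificate. The enclosing method begins and ends outside this hunk.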
@@ -45,6 +45,8 @@ import java.util.logging.Level; import java.util.logging.Logger; import javax.net.ssl.KeyManager; import org.opends.admin.ads.ADSContext; import org.opends.admin.ads.ADSContextException; import org.opends.admin.ads.util.ApplicationKeyManager; @@ -53,6 +55,7 @@ import org.opends.server.loggers.debug.DebugTracer; import org.opends.server.types.DebugLogLevel; import org.opends.server.util.PasswordReader; import org.opends.server.util.SelectableCertificateKeyManager; import org.opends.server.util.args.ArgumentException; import org.opends.server.util.args.BooleanArgument; import org.opends.server.util.args.FileBasedArgument; @@ -83,6 +86,11 @@ private BooleanArgument useSSLArg = null; /** * The 'startTLSArg' global argument. */ private BooleanArgument startTLSArg = null; /** * The 'hostName' global argument. */ private StringArgument hostNameArg = null; @@ -113,6 +121,11 @@ private BooleanArgument verboseArg = null; /** * The 'trustAllArg' global argument. */ private BooleanArgument trustAllArg = null; /** * The 'trustStore' global argument. */ private StringArgument trustStorePathArg = null; @@ -143,6 +156,11 @@ private FileBasedArgument keyStorePasswordFileArg = null; /** * The 'keyStorePasswordFile' global argument. */ private StringArgument certNicknameArg = null; /** * The Logger. */ static private final Logger LOG = @@ -227,6 +245,11 @@ OPTION_LONG_USE_SSL, MSGID_DESCRIPTION_USE_SSL); addGlobalArgument(useSSLArg); startTLSArg = new BooleanArgument("startTLS", OPTION_SHORT_START_TLS, OPTION_LONG_START_TLS, MSGID_DESCRIPTION_START_TLS); addGlobalArgument(startTLSArg); hostNameArg = new StringArgument("host", OPTION_SHORT_HOST, OPTION_LONG_HOST, false, false, true, OPTION_VALUE_HOST, "localhost", null, MSGID_DESCRIPTION_HOST); 
@@ -253,6 +276,10 @@ MSGID_DESCRIPTION_BINDPASSWORDFILE); addGlobalArgument(bindPasswordFileArg); trustAllArg = new BooleanArgument("trustAll", 'X', "trustAll", MSGID_DESCRIPTION_TRUSTALL); addGlobalArgument(trustAllArg); trustStorePathArg = new StringArgument("trustStorePath", OPTION_SHORT_TRUSTSTOREPATH, OPTION_LONG_TRUSTSTOREPATH, false, false, true, OPTION_VALUE_TRUSTSTOREPATH, null, null, @@ -289,6 +316,11 @@ MSGID_DESCRIPTION_KEYSTOREPASSWORD_FILE); addGlobalArgument(keyStorePasswordFileArg); certNicknameArg = new StringArgument("certnickname", 'N', "certNickname", false, false, true, "{nickname}", null, null, MSGID_DESCRIPTION_CERT_NICKNAME); addGlobalArgument(certNicknameArg); verboseArg = new BooleanArgument("verbose", 'v', "verbose", MSGID_DESCRIPTION_VERBOSE); addGlobalArgument(verboseArg); @@ -485,6 +517,23 @@ } /** * Indicate if the startTLS mode is required. * * @return True if startTLS mode is required */ public boolean startTLS() { if (startTLSArg.isPresent()) { return true; } else { return false ; } } /** * Handle TrustStore. * * @return The trustStore manager to be used for the command. @@ -493,6 +542,13 @@ { ApplicationTrustManager truststoreManager = null ; KeyStore truststore = null ; if (trustAllArg.isPresent()) { // Running a null TrustManager will force createLdapsContext and // createStartTLSContext to use a bindTrustManager. return null ; } else if (trustStorePathArg.isPresent()) { try @@ -549,7 +605,7 @@ * * @return The keyStore manager to be used for the command. */ public ApplicationKeyManager getKeyManager() public KeyManager getKeyManager() { KeyStore keyStore = null; String keyStorePasswordValue = null; 
@@ -606,8 +662,17 @@ LOG.log(Level.WARNING, "Error with the keystore", e); } } return new ApplicationKeyManager(keyStore, keyStorePasswordValue .toCharArray()); ApplicationKeyManager akm = new ApplicationKeyManager(keyStore, keyStorePasswordValue.toCharArray()); if (certNicknameArg.isPresent()) { return new SelectableCertificateKeyManager(akm, certNicknameArg .getValue()); } else { return akm; } } /** @@ -630,6 +695,33 @@ return returnCode.CONFLICTING_ARGS.getReturnCode(); } // Couldn't have at the same time trustAll and // trustStore related arg if (trustAllArg.isPresent() && trustStorePathArg.isPresent()) { int msgID = MSGID_TOOL_CONFLICTING_ARGS; String message = getMessage(msgID, trustAllArg.getLongIdentifier(), trustStorePathArg.getLongIdentifier()); err.println(wrapText(message, MAX_LINE_WIDTH)); return returnCode.CONFLICTING_ARGS.getReturnCode(); } if (trustAllArg.isPresent() && trustStorePasswordArg.isPresent()) { int msgID = MSGID_TOOL_CONFLICTING_ARGS; String message = getMessage(msgID, trustAllArg.getLongIdentifier(), trustStorePasswordArg.getLongIdentifier()); err.println(wrapText(message, MAX_LINE_WIDTH)); return returnCode.CONFLICTING_ARGS.getReturnCode(); } if (trustAllArg.isPresent() && trustStorePasswordFileArg.isPresent()) { int msgID = MSGID_TOOL_CONFLICTING_ARGS; String message = getMessage(msgID, trustAllArg.getLongIdentifier(), trustStorePasswordFileArg.getLongIdentifier()); err.println(wrapText(message, MAX_LINE_WIDTH)); return returnCode.CONFLICTING_ARGS.getReturnCode(); } // Couldn't have at the same time trustStorePasswordArg and // trustStorePasswordFileArg if (trustStorePasswordArg.isPresent() 
@@ -642,6 +734,18 @@ return returnCode.CONFLICTING_ARGS.getReturnCode(); } // Couldn't have at the same time startTLSArg and // useSSLArg if (startTLSArg.isPresent() && useSSLArg.isPresent()) { int msgID = MSGID_TOOL_CONFLICTING_ARGS; String message = getMessage(msgID, startTLSArg .getLongIdentifier(), useSSLArg.getLongIdentifier()); err.println(wrapText(message, MAX_LINE_WIDTH)); return returnCode.CONFLICTING_ARGS.getReturnCode(); } return ReturnCode.SUCCESSFUL_NOP.getReturnCode(); }
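Review bot: In getTrustManager the `trustAll` case is encoded as `return null`, which makes "accept any server certificate" indistinguishable from "no trust manager was built". The rest of the method lies outside the hunk, but `truststoreManager` starts as null, so if the path with neither `trustAll` nor `trustStorePath` returns it unchanged, certificate validation is already off by default and the new option changes nothing. I would keep the accept-anything behaviour strictly behind `trustAllArg.isPresent()`, make the no-option path validate or fail, and extend the Javadoc to `@return the trust manager, or null when trustAll is set, in which case the server certificate is not validated`. The comment's "bindTrustManager" presumably means the blind trust manager, and the Javadoc on `certNicknameArg` still reads "The 'keyStorePasswordFile' global argument".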