external-software/github_OpenIdentityPlatform_OpenDJ.git

			@@ -432,7 +432,11 @@
			</function>


			<!-- Configure SSL -->
			<!-- ################################################## -->
			<!-- configure SSL -->
			<!-- ################################################## -->


			<function name="configureSSL">
			<function-prolog>
			This function makes the configuration changes for SSL
			@@ -466,6 +470,11 @@
			<function-arg-description>
			Bind DN
			</function-arg-description>
			</function-arg-def>
			<function-arg-def name="certAlias" type="optional" default="'server-cert'">
			<function-arg-description>
			Alias certificate
			</function-arg-description>
			<function-arg-property name="type" value="DN"/>
			</function-arg-def>
			<function-arg-def name="dsInstancePswd" type="optional">
			@@ -474,9 +483,15 @@
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="keystoreType" type="required">
			<function-arg-def name="keystoreType" type="optional" default="'JKS'">
			<function-arg-description>
			Keystore type
			Keystore type : JKS or PKCS12
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="keystorePin" type="optional" default="'servercert'">
			<function-arg-description>
			Keystore pin
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			@@ -489,90 +504,83 @@
			</function-map-args>
			<sequence>

			<!-- Local variables -->
			<script>
			mylocation=location
			myhost=dsInstanceHost
			myport=dsInstancePort
			mydn=dsInstanceDn
			mypswd=dsInstancePswd
			</script>

			<!--- Enable Key Manager Provider -->
			<!--- configure Key Manager Provider -->
			<message>
			'Enabling Key Manager Provider'
			</message>
			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/setup/enable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
			</call>
			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			<!--- Enable Trust Manager Provider -->
			<message>
			'Enabling Trust Manager Provider'
			'Configure Key Manager Provider'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/setup/enable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-key-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : keystoreType,
			'optionsString' : '--set key-store-file:config/keystore --reset key-store-pin-file --set key-store-pin:%s --set enabled:true' % keystorePin,
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			<!--- configure Trust Manager Provider -->
			<message>
			'Configure Trust Manager Provider'
			</message>


			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-trust-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : 'Blind Trust',
			'optionsString' : '--set enabled:true' ,
			'expectedRC' : 0 }
			</call>


			<!--- Enable LDAPS Connection Handler -->
			<message>
			'Enabling LDAPS Connection Handler - Keystore type'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/setup/enable_ldaps_conn_handler.ldif' % (logsRemoteDataDir,keystoreType) }
			<script>
			option1='--set ssl-cert-nickname:%s' % certAlias
			option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config"'
			option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
			option4='--set listen-port:%s' % DIRECTORY_INSTANCE_SSL_PORT
			option5='--set enabled:true'
			optionsString='%s %s %s %s %s' % (option1,option2,option3,option4,option5)
			</script>

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAPS Connection Handler',
			'optionsString' : optionsString,
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			<message>
			'Enabling LDAPS Connection Handler - Port number'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/ldaps_port.ldif' % (logsRemoteDataDir) }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>
			</sequence>
			</function>

			<!-- ################################################## -->
			<!-- configureTLS -->
			<!-- ################################################## -->

			<function name="configureTLS">
			<function-prolog>
			This function makes the configuration changes for startTLS
			@@ -614,9 +622,20 @@
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="keystoreType" type="required">
			<function-arg-def name="keystorePin" type="optional" default="'servercert'">
			<function-arg-description>
			Keystore type
			Keystore pin
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="certAlias" type="optional" default="'server-cert'">
			<function-arg-description>
			Alias certificate
			</function-arg-description>
			</function-arg-def>
			<function-arg-def name="keystoreType" type="optional" default="'JKS'">
			<function-arg-description>
			Keystore type : JKS or PKCS12
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			@@ -629,46 +648,45 @@
			</function-map-args>
			<sequence>

			<!-- Local variables -->
			<script>
			mylocation=location
			myhost=dsInstanceHost
			myport=dsInstancePort
			mydn=dsInstanceDn
			mypswd=dsInstancePswd
			</script>

			<!--- Enable Key Manager Provider -->
			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/setup/enable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
			</call>
			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			<!--- Enable Trust Manager Provider -->
			<!--- configure Key Manager Provider -->
			<message>
			'Enabling Trust Manager Provider'
			'Configure Key Manager Provider'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/setup/enable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-key-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : keystoreType,
			'optionsString' : '--set key-store-file:config/keystore --reset key-store-pin-file --set key-store-pin:%s --set enabled:true' % keystorePin,
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			<!--- configure Trust Manager Provider -->
			<message>
			'Configure Trust Manager Provider'
			</message>


			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-trust-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : 'Blind Trust',
			'optionsString' : '--set enabled:true' ,
			'expectedRC' : 0 }
			</call>

			<!--- Enable StartTLS -->
			@@ -676,24 +694,211 @@
			'Enabling StartTLS'
			</message>

			<call function="'addEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeAdded' : '%s/security/%s/setup/enable_startTLS.ldif' % (logsRemoteDataDir,keystoreType) }
			<script>
			option1='--set ssl-cert-nickname:%s' % certAlias
			option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config" '
			option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
			option4='--set allow-start-tls:true'
			optionsString='%s %s %s %s' % (option1,option2,option3,option4)
			</script>


			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAP Connection Handler',
			'optionsString' : optionsString,
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			</sequence>
			</function>



			<!-- ################################################## -->
			<!-- configure SSL and TLS -->
			<!-- ################################################## -->


			<function name="configureSSL_TLS">
			<function-prolog>
			This function makes the configuration changes for SSL and TLS
			</function-prolog>
			<function-map-args>
			<function-arg-def name="location" type="optional" default="'%s' % STAF_REMOTE_HOSTNAME">
			<function-arg-description>
			Location of target host
			</function-arg-description>
			<function-arg-property name="type" value="hostname"/>
			</function-arg-def>
			<function-arg-def name="dsPath" type="optional" default="'%s/%s' % (DIRECTORY_INSTANCE_DIR,OPENDSNAME)">
			<function-arg-description>
			Pathname to installation root
			</function-arg-description>
			<function-arg-property name="type" value="filepath"/>
			</function-arg-def>
			<function-arg-def name="dsInstanceHost" type="optional">
			<function-arg-description>
			Directory server hostname or IP address
			</function-arg-description>
			<function-arg-property name="type" value="hostname"/>
			</function-arg-def>
			<function-arg-def name="dsInstancePort" type="optional">
			<function-arg-description>
			Directory server port number
			</function-arg-description>
			<function-arg-property name="type" value="Port number"/>
			</function-arg-def>
			<function-arg-def name="dsInstanceDn" type="optional">
			<function-arg-description>
			Bind DN
			</function-arg-description>
			<function-arg-property name="type" value="DN"/>
			</function-arg-def>
			<function-arg-def name="dsInstancePswd" type="optional">
			<function-arg-description>
			Bind password
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="keystoreType" type="optional" default="'JKS'">
			<function-arg-description>
			Keystore type : JKS or PKCS12
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="certAlias" type="optional" default="'server-cert'">
			<function-arg-description>
			Alias certificate
			</function-arg-description>
			</function-arg-def>
			<function-arg-def name="keystorePin" type="optional" default="'servercert'">
			<function-arg-description>
			Keystore pin
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="extraParams" type="optional">
			<function-arg-description>
			Optional extra parameters for specific test cases
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			</function-map-args>
			<sequence>


			<!--- configure Key Manager Provider -->
			<message>
			'Configure Key Manager Provider'
			</message>

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-key-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : keystoreType,
			'optionsString' : '--set key-store-file:config/keystore --reset key-store-pin-file --set key-store-pin:%s --set enabled:true' % keystorePin,
			'expectedRC' : 0 }
			</call>

			<!--- configure Trust Manager Provider -->
			<message>
			'Configure Trust Manager Provider'
			</message>


			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-trust-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : 'Blind Trust',
			'optionsString' : '--set enabled:true' ,
			'expectedRC' : 0 }
			</call>


			<!--- Enable LDAPS Connection Handler -->
			<message>
			'Enabling LDAPS Connection Handler - Keystore type'
			</message>

			<script>
			option1='--set ssl-cert-nickname:%s' % certAlias
			option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config"'
			option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
			option4='--set listen-port:%s' % DIRECTORY_INSTANCE_SSL_PORT
			option5='--set enabled:true'
			optionsString='%s %s %s %s %s' % (option1,option2,option3,option4,option5)
			</script>

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAPS Connection Handler',
			'optionsString' : optionsString,
			'expectedRC' : 0 }
			</call>

			<!--- Enable StartTLS -->
			<message>
			'Enabling StartTLS'
			</message>

			<script>
			option1='--set ssl-cert-nickname:%s' % certAlias
			option2='--set trust-manager-provider-dn:"cn=Blind Trust,cn=Trust Manager Providers,cn=config" '
			option3='--set key-manager-provider-dn:"cn=%s,cn=Key Manager Providers,cn=config"' % (keystoreType)
			option4='--set allow-start-tls:true'
			optionsString='%s %s %s %s' % (option1,option2,option3,option4)
			</script>

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAP Connection Handler',
			'optionsString' : optionsString,
			'expectedRC' : 0 }
			</call>

			</sequence>
			</function>


			<!-- ################################################## -->
			<!-- Unconfigure SSL -->
			<!-- ################################################## -->

			<function name="unconfigureSSL">
			<function-prolog>
			This function reverses the configuration changes for SSL
			@@ -735,9 +940,9 @@
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="keystoreType" type="required">
			<function-arg-def name="keystoreType" type="optional" default="'JKS'">
			<function-arg-description>
			Keystore type
			Keystore type : JKS or PKCS12
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			@@ -749,32 +954,26 @@
			</function-arg-def>
			</function-map-args>
			<sequence>
			<!-- Local variables -->
			<script>
			mylocation=location
			myhost=dsInstanceHost
			myport=dsInstancePort
			mydn=dsInstanceDn
			mypswd=dsInstancePswd
			</script>



			<!--- Disable LDAPS Connection Handler -->
			<message>
			'Disabling LDAPS Connection Handler'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/teardown/disable_ldaps_conn_handler.ldif' % (logsRemoteDataDir,keystoreType) }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAPS Connection Handler',
			'optionsString' : '--set enabled:false',
			'expectedRC' : 0 }
			</call>

			<!--- Disable SSL Trust Manager Provider -->
			@@ -782,41 +981,48 @@
			'Disabling SSL Trust Manager Provider'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/teardown/disable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-trust-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : 'Blind Trust',
			'optionsString' : '--set enabled:false' ,
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			<!--- Disable Key Manager Provider -->
			<message>
			'Disabling Key Manager Provider'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/teardown/disable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-key-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : keystoreType,
			'optionsString' : '--set enabled:false',
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>
			</sequence>
			</function>

			<!-- ################################################## -->
			<!-- unconfigureTLS -->
			<!-- ################################################## -->

			<function name="unconfigureTLS">
			<function-prolog>
			This function reverses the configuration changes for startTLS
			@@ -858,9 +1064,9 @@
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="keystoreType" type="required">
			<function-arg-def name="keystoreType" type="optional" default="'JKS'">
			<function-arg-description>
			Keystore type
			Keystore type : JKS or PKCS12
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			@@ -873,32 +1079,24 @@
			</function-map-args>
			<sequence>

			<!-- Local variables -->
			<script>
			mylocation=location
			myhost=dsInstanceHost
			myport=dsInstancePort
			mydn=dsInstanceDn
			mypswd=dsInstancePswd
			</script>

			<!--- Disable StartTLS -->
			<message>
			'Disabling StartTLS'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/teardown/disable_startTLS.ldif' % (logsRemoteDataDir,keystoreType) }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAP Connection Handler',
			'optionsString' : ' --set allow-start-tls:false',
			'expectedRC' : 0 }
			</call>

			<!--- Disable SSL Trust Manager Provider -->
			@@ -906,38 +1104,184 @@
			'Disabling SSL Trust Manager Provider'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/teardown/disable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-trust-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : 'Blind Trust',
			'optionsString' : '--set enabled:false' ,
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</call>

			<!--- Disable Key Manager Provider -->
			<message>
			'Disabling Key Manager Provider'
			</message>

			<call function="'modifyEntry'">
			{ 'location' : mylocation ,
			'dsInstanceHost' : myhost ,
			'dsInstancePort' : myport ,
			'dsInstanceDn' : mydn ,
			'dsInstancePswd' : mypswd ,
			'entryToBeModified' : '%s/security/%s/teardown/disable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) }
			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-key-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : keystoreType,
			'optionsString' : '--set enabled:false',
			'expectedRC' : 0 }
			</call>

			<call function="'checktestRC'">
			{ 'returncode' : RC ,
			'result' : STAXResult }
			</sequence>
			</function>

			<!-- ################################################## -->
			<!-- Unconfigure SSL and TLS -->
			<!-- ################################################## -->

			<function name="unconfigureSSL_TLS">
			<function-prolog>
			This function reverses the configuration changes for SSL and TLS
			</function-prolog>
			<function-map-args>
			<function-arg-def name="location" type="optional" default="'%s' % STAF_REMOTE_HOSTNAME">
			<function-arg-description>
			Location of target host
			</function-arg-description>
			<function-arg-property name="type" value="hostname"/>
			</function-arg-def>
			<function-arg-def name="dsPath" type="optional" default="'%s/%s' % (DIRECTORY_INSTANCE_DIR,OPENDSNAME)">
			<function-arg-description>
			Pathname to installation root
			</function-arg-description>
			<function-arg-property name="type" value="filepath"/>
			</function-arg-def>
			<function-arg-def name="dsInstanceHost" type="optional">
			<function-arg-description>
			Directory server hostname or IP address
			</function-arg-description>
			<function-arg-property name="type" value="hostname"/>
			</function-arg-def>
			<function-arg-def name="dsInstancePort" type="optional">
			<function-arg-description>
			Directory server port number
			</function-arg-description>
			<function-arg-property name="type" value="Port number"/>
			</function-arg-def>
			<function-arg-def name="dsInstanceDn" type="optional">
			<function-arg-description>
			Bind DN
			</function-arg-description>
			<function-arg-property name="type" value="DN"/>
			</function-arg-def>
			<function-arg-def name="dsInstancePswd" type="optional">
			<function-arg-description>
			Bind password
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="keystoreType" type="optional" default="'JKS'">
			<function-arg-description>
			Keystore type : JKS or PKCS12
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			<function-arg-def name="extraParams" type="optional">
			<function-arg-description>
			Optional extra parameters for specific test cases
			</function-arg-description>
			<function-arg-property name="type" value="string"/>
			</function-arg-def>
			</function-map-args>
			<sequence>



			<!--- Disable LDAPS Connection Handler -->
			<message>
			'Disabling LDAPS Connection Handler'
			</message>

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAPS Connection Handler',
			'optionsString' : '--set enabled:false',
			'expectedRC' : 0 }
			</call>


			<!--- Disable StartTLS -->
			<message>
			'Disabling StartTLS'
			</message>

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-connection-handler-prop' ,
			'propertyName' : 'handler-name' ,
			'propertyValue' : 'LDAP Connection Handler',
			'optionsString' : ' --set allow-start-tls:false',
			'expectedRC' : 0 }
			</call>

			<!--- Disable SSL Trust Manager Provider -->
			<message>
			'Disabling SSL Trust Manager Provider'
			</message>


			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-trust-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : 'Blind Trust',
			'optionsString' : '--set enabled:false' ,
			'expectedRC' : 0 }
			</call>


			<!--- Disable Key Manager Provider -->
			<message>
			'Disabling Key Manager Provider'
			</message>

			<call function="'dsconfig'">
			{ 'location' : location ,
			'dsPath' : dsPath ,
			'dsInstanceHost' : dsInstanceHost ,
			'dsInstancePort' : dsInstancePort ,
			'dsInstanceDn' : dsInstanceDn ,
			'dsInstancePswd' : dsInstancePswd ,
			'subcommand' : 'set-key-manager-prop' ,
			'propertyName' : 'manager-name' ,
			'propertyValue' : keystoreType,
			'optionsString' : '--set enabled:false',
			'expectedRC' : 0 }
			</call>

			</sequence>
			</function>