This function generates a server certificate Location of target host Pathname to installation root Alias certificate Certificate subject Path for the key store file Password to protect the contents of the key store Password to protect the private key on the key store: keypass The storetype. can be JKS or PKCS12 'keytool -genkey -alias %s -keyalg rsa -dname "%s" -keystore %s -storepass %s -keypass %s -storetype %s ' % (certAlias,dname,keystore,storepass,keypass,storetype) '%s' % location '%s/bin/keytool' % JAVA_HOME '-genkey -alias %s -keyalg rsa -dname "%s" -keystore %s -storepass %s -keypass %s -storetype %s ' % (certAlias,dname,keystore,storepass,keypass,storetype) '%s' % dsConfigPath ['PATH=/bin:/usr/bin:%s' % dsBinPath, 'JAVA_HOME=%s' % JAVA_HOME] { 'returncode' : STAXCode , 'result' : STAXReason } STAXReason This function self-signs a certificate Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store Password to protect the private key on the key store: keypass The storetype. can be JKS or PKCS12 'keytool -selfcert -alias %s -keystore "%s" -keypass "%s" -storepass "%s" -storetype "%s" ' % (certAlias,keystore,keypass,storepass,storetype) '%s' % location '%s/bin/keytool' % JAVA_HOME '-selfcert -alias %s -keystore "%s" -keypass "%s" -storepass "%s" -storetype "%s" ' % (certAlias,keystore,keypass,storepass,storetype) '%s' % dsConfigPath ['PATH=/bin:/usr/bin:%s' % dsBinPath, 'JAVA_HOME=%s' % JAVA_HOME] { 'returncode' : STAXCode , 'result' : STAXReason } STAXReason This function exports a certificate Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store Format of the certificate. By default, it's in binary encoding The storetype. can be JKS or PKCS12 Output file to store certificate 'keytool -export -alias %s -file %s -keystore "%s" -storepass "%s" -storetype %s %s' % (certAlias,outputfile,keystore,storepass,storetype,STAFCmdParams) '%s' % location '%s/bin/keytool' % JAVA_HOME '-export -alias %s -file %s -keystore "%s" -storepass "%s" -storetype %s %s' % (certAlias,outputfile,keystore,storepass,storetype,STAFCmdParams) '%s' % dsConfigPath ['PATH=/bin:/usr/bin:%s' % dsBinPath, 'JAVA_HOME=%s' % JAVA_HOME] { 'returncode' : STAXCode , 'result' : STAXReason } STAXReason This function imports a certificate Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store The storetype. can be JKS or PKCS12 Certificate to import 'keytool -import -alias %s -file %s -keystore "%s" -storepass "%s" -storetype %s -noprompt' % (certAlias,inputfile,keystore,storepass,storetype) '%s' % location '%s/bin/keytool' % JAVA_HOME '-import -alias %s -file %s -keystore "%s" -storepass "%s" -storetype %s -noprompt' % (certAlias,inputfile,keystore,storepass,storetype) '%s' % dsConfigPath ['PATH=/bin:/usr/bin:%s' % dsBinPath, 'JAVA_HOME=%s' % JAVA_HOME] { 'returncode' : STAXCode , 'result' : STAXReason } STAXReason This function returns the fingerprint MD5 or SHA1 Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store fingerprint. can be MD5 or SHA1 ' -keystore "%s" -storepass "%s" -alias "%s" -list -v' % (keystore,storepass,certAlias) '%s' % location '%s/bin/keytool' % JAVA_HOME ' -list -v -keystore "%s" -storepass "%s" -alias "%s"' % (keystore,storepass,certAlias) '%s' % dsConfigPath ['PATH=/bin:/usr/bin:%s' % dsBinPath, 'JAVA_HOME=%s' % JAVA_HOME] { 'returncode' : STAXCode , 'result' : STAXReason } STAXReason This function makes the configuration changes for SSL Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type Optional extra parameters for specific test cases 'Enabling Key Manager Provider' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/setup/enable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Enabling Trust Manager Provider' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/setup/enable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Enabling LDAPS Connection Handler - Keystore type' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/setup/enable_ldaps_conn_handler.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Enabling LDAPS Connection Handler - Port number' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/ldaps_port.ldif' % (logsRemoteDataDir) } { 'returncode' : RC , 'result' : STAXResult } This function makes the configuration changes for startTLS Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type Optional extra parameters for specific test cases { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/setup/enable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Enabling Trust Manager Provider' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/setup/enable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Enabling StartTLS' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeAdded' : '%s/security/%s/setup/enable_startTLS.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } This function reverses the configuration changes for SSL Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type Optional extra parameters for specific test cases 'Disabling LDAPS Connection Handler' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/teardown/disable_ldaps_conn_handler.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Disabling SSL Trust Manager Provider' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/teardown/disable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Disabling Key Manager Provider' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/teardown/disable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } This function reverses the configuration changes for startTLS Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type Optional extra parameters for specific test cases 'Disabling StartTLS' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/teardown/disable_startTLS.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Disabling SSL Trust Manager Provider' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/teardown/disable_trust_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult } 'Disabling Key Manager Provider' { 'location' : mylocation , 'dsInstanceHost' : myhost , 'dsInstancePort' : myport , 'dsInstanceDn' : mydn , 'dsInstancePswd' : mypswd , 'entryToBeModified' : '%s/security/%s/teardown/disable_key_mgr_provider.ldif' % (logsRemoteDataDir,keystoreType) } { 'returncode' : RC , 'result' : STAXResult }