The is used to interact with administration tools using LDAP. It is a dedicated entry point for administration. ds-cfg-administration-connector top Specifies the address or set of addresses on which this should listen for connections from LDAP clients. Multiple addresses may be provided as separate values for this attribute. If no values are provided, then the listens on all interfaces. 0.0.0.0 ds-cfg-listen-address Specifies the name of the key manager that is used with the . The referenced key manager provider must be enabled. ds-cfg-key-manager-provider Specifies the name of the trust manager that is used with the . Use the trust manager provided by the JVM. The referenced trust manager provider must be enabled. ds-cfg-trust-manager-provider Specifies the nicknames (also called the aliases) of the keys or key pairs that the should use when performing SSL communication. The property can be used multiple times (referencing different nicknames) when server certificates with different public key algorithms are used in parallel (for example, RSA, DSA, and ECC-based algorithms). When a nickname refers to an asymmetric (public/private) key pair, the nickname for the public key certificate and associated private key entry must match exactly. A single nickname is used to retrieve both the public key and the private key. Let the server decide. ds-cfg-ssl-cert-nickname Specifies the names of the SSL protocols that are allowed for use in SSL or StartTLS communication. Changes to this property take effect immediately but only impact new SSL/TLS-based sessions created after the change. Uses the default set of SSL protocols provided by the server's JVM. ds-cfg-ssl-protocol Specifies the names of the SSL cipher suites that are allowed for use in SSL communication. Changes to this property take effect immediately but will only impact new SSL/TLS-based sessions created after the change. Uses the default set of SSL cipher suites provided by the server's JVM. ds-cfg-ssl-cipher-suite