This function generates a server certificate Location of target host Pathname to installation root Alias certificate Certificate subject Path for the key store file Password to protect the contents of the key store Password to protect the private key on the key store: keypass The storetype. can be JKS or PKCS12 Expected return code value. Default value is 0. Wildcard 'noCheck' to not check the RC output file descriptor { 'name' : 'Generate a Certificate', 'location' : location, 'command' : '%s/bin/keytool' % JAVA_HOME, 'arguments' : args, 'path' : dsConfigPath, 'expectedRC': expectedRC, 'fileFd' : fileFd } STAXResult This function self-signs a certificate Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store Password to protect the private key on the key store: keypass The storetype. can be JKS or PKCS12 Expected return code value. Default value is 0. Wildcard 'noCheck' to not check the RC output file descriptor { 'name' : 'Generate a Self-Signed Server Certificate', 'location' : location, 'command' : '%s/bin/keytool' % JAVA_HOME, 'arguments' : args, 'path' : dsConfigPath, 'expectedRC': expectedRC, 'fileFd' : fileFd } STAXResult This function exports a certificate Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store Format of the certificate. By default, it's in binary encoding The storetype. can be JKS or PKCS12 Output file to store certificate Expected return code value. Default value is 0. Wildcard 'noCheck' to not check the RC output file descriptor { 'name' : 'Export a Certificate', 'location' : location, 'command' : '%s/bin/keytool' % JAVA_HOME, 'arguments' : args, 'path' : dsConfigPath, 'expectedRC' : expectedRC, 'fileFd' : fileFd } STAXResult This function imports a certificate Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store The storetype. can be JKS or PKCS12 Certificate to import Expected return code value. Default value is 0. Wildcard 'noCheck' to not check the RC output file descriptor { 'name' : 'Import a Certificate', 'location' : location, 'command' : '%s/bin/keytool' % JAVA_HOME, 'arguments' : args, 'path' : dsConfigPath, 'expectedRC' : expectedRC, 'fileFd' : fileFd } STAXResult This function returns the fingerprint MD5 or SHA1 Location of target host Pathname to installation root Alias certificate Path for the key store file Password to protect the contents of the key store fingerprint. can be MD5 or SHA1 Expected return code value. Default value is 0. Wildcard 'noCheck' to not check the RC output file descriptor { 'name' : 'getFingerprint', 'location' : location, 'command' : '%s/bin/keytool' % JAVA_HOME, 'arguments' : args, 'path' : dsConfigPath, 'expectedRC': expectedRC, 'fileFd' : fileFd } STAXResult This function makes the configuration changes for SSL Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Alias certificate Bind password Keystore type : JKS or PKCS12 Keystore pin Name for a new key manager Name for a new trust manager Optional extra parameters for specific test cases output file descriptor { 'content' : 'Configure Key Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'create-key-manager-provider', 'objectType' : 'provider-name', 'objectName' : customKeyMgr, 'optionsString' : opts, 'expectedRC' : 0, 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-key-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : keystoreType, 'optionsString' : opts, 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Configure Trust Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'create-trust-manager-provider', 'objectType' : 'provider-name', 'objectName' : customTrustMgr, 'optionsString' : opts, 'expectedRC' : 0, 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-trust-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : 'Blind Trust', 'optionsString' : '--set enabled:true', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Enabling LDAPS Connection Handler - Keystore type', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAPS Connection Handler', 'optionsString' : optionsString, 'expectedRC' : 0, 'fileFd' : fileFd } This function makes the configuration changes for startTLS Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore pin Alias certificate Keystore type : JKS or PKCS12 Optional extra parameters for specific test cases output file descriptor { 'content' : 'Configure Key Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-key-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : keystoreType, 'optionsString' : opts, 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Configure Trust Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-trust-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : 'Blind Trust', 'optionsString' : '--set enabled:true', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Enabling StartTLS', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAP Connection Handler', 'optionsString' : optionsString, 'expectedRC' : 0, 'fileFd' : fileFd } This function makes the configuration changes for SSL and TLS Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type : JKS or PKCS12 Alias certificate Keystore pin Optional extra parameters for specific test cases output file descriptor { 'content' : 'Configure Key Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-key-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : keystoreType, 'optionsString' : opts, 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Configure Trust Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-trust-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : 'Blind Trust', 'optionsString' : '--set enabled:true', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Enabling LDAPS Connection Handler - Keystore type', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAPS Connection Handler', 'optionsString' : optionsString, 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Enabling StartTLS', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAP Connection Handler', 'optionsString' : optionsString, 'expectedRC' : 0, 'fileFd' : fileFd } This function reverses the configuration changes for SSL Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type : JKS or PKCS12 Name for a new key manager Name for a new trust manager Optional extra parameters for specific test cases output file descriptor { 'content' : 'Disabling LDAPS Connection Handler', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAPS Connection Handler', 'optionsString' : '--set enabled:false --set use-ssl:false', 'expectedRC' : 0, 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAPS Connection Handler', 'optionsString' : opts, 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Disabling SSL Trust Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'delete-trust-manager-provider', 'objectType' : 'provider-name', 'objectName' : customTrustMgr, 'expectedRC' : 0, 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-trust-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : 'Blind Trust', 'optionsString' : '--set enabled:false', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Disabling Key Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'delete-key-manager-provider', 'objectType' : 'provider-name', 'objectName' : customKeyMgr, 'expectedRC' : 0, 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-key-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : keystoreType, 'optionsString' : '--set enabled:false', 'expectedRC' : 0, 'fileFd' : fileFd } This function reverses the configuration changes for startTLS Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type : JKS or PKCS12 Optional extra parameters for specific test cases output file descriptor { 'content' : 'Disabling StartTLS', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAP Connection Handler', 'optionsString' : ' --set allow-start-tls:false', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Disabling SSL Trust Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-trust-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : 'Blind Trust', 'optionsString' : '--set enabled:false', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Disabling Key Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-key-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : keystoreType, 'optionsString' : '--set enabled:false', 'expectedRC' : 0, 'fileFd' : fileFd } This function reverses the configuration changes for SSL and TLS Location of target host Pathname to installation root Directory server hostname or IP address Directory server port number Bind DN Bind password Keystore type : JKS or PKCS12 Optional extra parameters for specific test cases output file descriptor { 'content' : 'Disabling LDAPS Connection Handler', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAPS Connection Handler', 'optionsString' : '--set enabled:false --set use-ssl:false', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Disabling StartTLS', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-connection-handler-prop', 'objectType' : 'handler-name', 'objectName' : 'LDAP Connection Handler', 'optionsString' : ' --set allow-start-tls:false', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Disabling SSL Trust Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-trust-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : 'Blind Trust', 'optionsString' : '--set enabled:false', 'expectedRC' : 0, 'fileFd' : fileFd } { 'content' : 'Disabling Key Manager Provider', 'fileFd' : fileFd } { 'location' : location, 'dsPath' : dsPath, 'dsInstanceHost' : dsInstanceHost, 'dsInstancePort' : dsInstancePort, 'dsInstanceDn' : dsInstanceDn, 'dsInstancePswd' : dsInstancePswd, 'subcommand' : 'set-key-manager-provider-prop', 'objectType' : 'provider-name', 'objectName' : keystoreType, 'optionsString' : '--set enabled:false', 'expectedRC' : 0, 'fileFd' : fileFd }