'---- Generating Server Certificate -----' { 'certAlias' : 'server-cert' , 'dname' : "uid=server,%s" % (DIRECTORY_INSTANCE_SFX), 'keystore' : 'keystore', 'storepass' : SERVER_STOREPASS, 'keypass' : SERVER_KEYPASS, 'storetype' : 'JKS' } '---- Self-Signing Server Certificate ---- ' { 'certAlias' : 'server-cert' , 'storepass' : SERVER_STOREPASS, 'keypass' : SERVER_KEYPASS, 'keystore' : 'keystore', 'storetype' : 'JKS' } 'Create folder %s' % (CERT_TMP) { 'location' : DIRECTORY_INSTANCE_HOST, 'foldername' : CERT_TMP } { 'returncode' : RC , 'result' : STAXResult } '---- Generating client Certificate : %s ---- ' % (USER_1_CERT) { 'certAlias' : USER_1_CERT, 'dname' : USER_1_DN, 'storepass' : CLIENT_STOREPASS, 'keystore' : CLIENT_KEYSTORE, 'keypass' : CLIENT_KEYPASS, 'storetype' : 'JKS' } '---- Self-Signing client Certificate : %s ---- ' % (USER_1_CERT) { 'certAlias' : USER_1_CERT, 'storepass' : CLIENT_STOREPASS, 'keypass' : CLIENT_KEYPASS, 'keystore' : CLIENT_KEYSTORE, 'storetype' : 'JKS' } '---- Self-Signing client Certificate : %s ---- ' % (USER_2_CERT) { 'certAlias' : USER_2_CERT, 'dname' : USER_2_DN, 'storepass' : CLIENT_STOREPASS, 'keystore' : CLIENT_KEYSTORE, 'keypass' : CLIENT_KEYPASS, 'storetype' : 'JKS' } '---- Self-Signing client Certificate : %s ---- ' % (USER_2_CERT) { 'certAlias' : USER_2_CERT, 'storepass' : CLIENT_STOREPASS, 'keypass' : CLIENT_KEYPASS, 'keystore' : CLIENT_KEYSTORE, 'storetype' : 'JKS' } '---- Export the Server Certificate ----' { 'certAlias' : 'server-cert' , 'outputfile' : SERVER_CERT_FILE, 'storepass' : SERVER_STOREPASS, 'storetype' : 'JKS' } '---- Export the client certificate : : %s ---- ' % (USER_1_CERT) { 'certAlias' : USER_1_CERT, 'outputfile' : USER_1_CERT_FILE, 'storepass' : CLIENT_STOREPASS, 'keystore' : CLIENT_KEYSTORE, 'storetype' : 'JKS' } '---- Export the client certificate in RFC : : %s ---- ' % (USER_1_CERT) { 'certAlias' : USER_1_CERT, 'outputfile' : USER_1_CERT_FILE_RFC, 'storepass' : CLIENT_STOREPASS, 'keystore' : CLIENT_KEYSTORE, 'format' : 'rfc', 'storetype' : 'JKS' } '---- Export the client certificate : : %s ---- ' % (USER_2_CERT) { 'certAlias' : USER_2_CERT, 'outputfile' : USER_2_CERT_FILE, 'storepass' : CLIENT_STOREPASS, 'keystore' : CLIENT_KEYSTORE, 'storetype' : 'JKS' } '---- Export the client certificate in RFC format : : %s ---- ' % (USER_2_CERT) { 'certAlias' : USER_2_CERT, 'outputfile' : USER_2_CERT_FILE_RFC, 'storepass' : CLIENT_STOREPASS, 'keystore' : CLIENT_KEYSTORE, 'format' : 'rfc', 'storetype' : 'JKS' } '---- Import the Server Certificate under the client keystore----' { 'certAlias' : 'server-cert', 'inputfile' : SERVER_CERT_FILE, 'storepass' : CLIENT_STOREPASS, 'keystore' : CLIENT_KEYSTORE, 'storetype' : 'JKS' } '---- Import the client Certificates %s under the server keystore----' % (USER_1_CERT) { 'certAlias' : USER_1_CERT, 'inputfile' : USER_1_CERT_FILE, 'storepass' : SERVER_STOREPASS, 'storetype' : 'JKS' } '---- Import the client Certificates %s under the server keystore----' % (USER_2_CERT) { 'certAlias' : USER_2_CERT, 'inputfile' : USER_2_CERT_FILE, 'storepass' : SERVER_STOREPASS, 'storetype' : 'JKS' } '---- Configure SSL and TLS----' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD, 'keystorePin' : SERVER_STOREPASS, 'certAlias' : 'server-cert'} 'Security: Client_auth: Searching with SSL Connection' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_SSL_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsScope' : 'base', 'dsFilter' : 'objectclass=*' , 'dsUseSSL' : ' ', 'dsTrustAll' : ' ', 'expectedRC' : 0 } 'Security: Client_auth: Searching with StartTLS Connection' { 'dsInstanceHost' : DIRECTORY_INSTANCE_HOST , 'dsInstancePort' : DIRECTORY_INSTANCE_PORT , 'dsInstanceDn' : DIRECTORY_INSTANCE_DN , 'dsInstancePswd' : DIRECTORY_INSTANCE_PSWD , 'dsBaseDN' : DIRECTORY_INSTANCE_SFX, 'dsScope' : 'base', 'dsFilter' : 'objectclass=*' , 'dsUseStartTLS' : ' ', 'dsTrustAll' : ' ', 'expectedRC' : 0 } { 'location' : STAF_REMOTE_HOSTNAME, 'certificate' : USER_1_CERT, 'filename' : USER_1_CERT_FILE_RFC, 'userdn' : USER_1_DN, 'localLdifFile' : localUser1LdifFile, 'remoteLdifFile' : remoteUser1LdifFile } { 'location' : STAF_REMOTE_HOSTNAME, 'certificate' : USER_2_CERT, 'filename' : USER_2_CERT_FILE_RFC, 'userdn' : USER_2_DN, 'localLdifFile' : localUser2LdifFile, 'remoteLdifFile' : remoteUser2LdifFile }