Managing certificates, Access control on the proxy configuration, Table 6–2 – Sun Microsystems 8190994 User Manual
Page 86: Mapping of security configuration
TABLE 6–2
Mapping of Security Configuration
Directory Proxy Server 5 Attribute
Directory Proxy Server 6.0 Property
ids-proxy-con-ssl-key
ssl-key-pin
ids-proxy-con-ssl-cert
ssl-certificate-directory
ssl-server-cert-alias
ids-proxy-con-send-cert-as-client
This attribute enables the proxy server to send its
certificate to the LDAP server to allow the LDAP
server to authenticate the proxy server as an SSL
client.
ssl-client-cert-alias
This property enables the proxy server to send a different
certificate to the LDAP server, depending on whether it is
acting as an SSL Server or an SSL Client.
ids-proxy-con-server-ssl-version
ids-proxy-con-client-ssl-version
No equivalent
ids-proxy-con-ssl-cert-required
This feature can be achieved by setting the following
server property:
$ dpconf set-server-prop
allow-cert-based-auth:require
ids-proxy-con-ssl-cafile
No equivalent
Managing Certificates
Directory Proxy Server 5, certificates were managed by using the certreq utility, or by using the
console. In Directory Proxy Server 6.0, certificates are managed by using the dpadm command,
or by using the DSCC.
Certificates must be installed on each individual data source in Directory Proxy Server 6.0.
For information about managing certificates in Directory Proxy Server 6.0, see Chapter 19,
“Directory Proxy Server Certificates,” in Sun Java System Directory Server Enterprise Edition 6.0
Administration Guide.
Access Control on the Proxy Configuration
In Directory Proxy Server 5, access control on the proxy configuration is managed by ACIs in
the configuration directory server. In Directory Proxy Server 6.0, access to the configuration file
is restricted to the person who created the proxy instance, or to the proxy manager if the
configuration is accessed through Directory Proxy Server. Editing the configuration file directly
is not supported.
Mapping the Global Configuration
Sun Java System Directory Server Enterprise Edition 6.0 Migration Guide • March 2007
86
Sun Confidential: Registered