Setting the LDAP connection information for SSL

To set up LDAP connection information for SSL, you can modify the procedure in Setting the HCL Compass LDAP connection information.

As part of configuring HCL Compass to use LDAP authentication, you need to run a series of installutil subcommands. LDAP configuration steps for HCL Compass shows how to use these subcommands. One of the subcommands, setldapinit, sets a parameter string that HCL Compass uses to connect your HCL Compass database set to the LDAP directory. The example of running setldapinit shown in Step 2: Set the HCL Compass LDAP connection information assumes a non-SSL use case. This topic shows which parameters to set when you use SSL. See Syntax for reference topics that describe the syntax for all of the installutil subcommands used to enable LDAP authentication for HCL Compass.

Examples

  • The following example uses the -K option to identify the location of the key database file and stash password file. You must enclose the argument in single quotes. The locations, one on Windows™ and one on the UNIX™ system and Linux™, are accessible to all clients. The -Z option indicates that SSL is to be used.
    installutil setldapinit 7.0.0 admin secret "-h 'ourldapserver.ourcompany.com 
    altldapserver.ourcompany.com' -Z -K 'win:\\share\cqdata\ldapkey.kdb;unix:/netshare/
    cqdata/ldapkey.kdb'"
  • The following example omits the -K option because the key database file and password stash file are not stored in a central location that is accessible to all clients. Instead, the administrator distributed copies of the files to all clients, and the users either stored the files in the default location, or stored them in a different location and set the RATL_SSL_KEYRING environment variable to point to the key file name by specifying a fully qualified path name.
    installutil setldapinit 7.0.0 admin secret "-h 'ourldapserver.ourcompany.com 
    altldapserver.ourcompany.com' -Z"