Using Server API specific SSL properties
Use the following properties to configure SSL.
When the Java™ System property api.client.ssl.custom.properties.on is set to true, SSL is configured through the following IBM Security Directory Integrator Server API-specific Java System properties:
- api.client.keystore – specifies the keystore file containing the client certificate.
- api.client.keystore.pass – specifies the password of the keystore file specified by api.client.keystore.
- api.client.keystore.type – specifies the type of the keystore file specified by api.client.keystore. This property is optional; if it is not specified, the default keystore format for the JVM is used.
- api.client.key.pass – specifies the password of the private key stored in the keystore file specified by api.client.keystore; if this property is missing, the password specified by api.client.keystore.pass is used instead.
- api.client.truststore – specifies the keystore file containing the IBM® Security Directory Integrator Server public certificate.
- api.client.truststore.pass – specifies the password for the keystore file specified by api.client.truststore.
- api.client.truststore.type – specifies the type of the keystore file specified by api.client.truststore. This property is optional; if it is not specified, the default keystore format for the JVM is used.
You can specify these properties as JVM arguments on the command line, placed before the main class name so that the JVM reads them as system properties, for example:
java -Dapi.client.ssl.custom.properties.on=true
  -Dapi.client.truststore=C:\TDI\serverapi\testadmin.jks
  -Dapi.client.truststore.pass=administrator
  -Dapi.client.keystore=C:\TDI\serverapi\testadmin.jks
  -Dapi.client.keystore.pass=administrator
  MyTDIServerAPIClientApp
This example refers to the sample "testadmin.jks" keystore file shipped with IBM Security Directory Integrator. Note that it contains both the client private key and the public key of the IBM Security Directory Integrator Server, so it is used as both a keystore and a truststore.
You can specify these properties in global.properties or solution.properties when the client is an IBM Security Directory Integrator server.
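
A preflight check for the properties listed above, as an added example that is not part of the IBM documentation or product code: it loads both stores using the defaults the page describes (JVM default store type, keystore password as the fallback for api.client.key.pass) and fails early on a wrong password or an empty store. The class name ApiClientSslPreflight is hypothetical, and how the Server API itself reads these properties is not shown here.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;

// Added example (hypothetical class name): preflight check of the api.client.* properties.
public class ApiClientSslPreflight {
    // Read a required system property or fail with the name of the missing -D option.
    static String require(String name) {
        String v = System.getProperty(name);
        if (v == null || v.isEmpty()) throw new IllegalStateException("missing -D" + name);
        return v;
    }

    // Load a keystore file; when no type is given, the JVM default format is used.
    static KeyStore load(String prefix) throws Exception {
        String type = System.getProperty(prefix + ".type", KeyStore.getDefaultType());
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(require(prefix))) {
            ks.load(in, require(prefix + ".pass").toCharArray());
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        if (!Boolean.parseBoolean(System.getProperty("api.client.ssl.custom.properties.on")))
            throw new IllegalStateException("api.client.ssl.custom.properties.on is not true");

        KeyStore keys = load("api.client.keystore");
        // api.client.key.pass is optional; the keystore password is the fallback.
        char[] keyPass = System.getProperty("api.client.key.pass",
                require("api.client.keystore.pass")).toCharArray();
        int keyEntries = 0;
        for (String alias : Collections.list(keys.aliases())) {
            // getKey throws UnrecoverableKeyException when keyPass does not match.
            if (keys.isKeyEntry(alias) && keys.getKey(alias, keyPass) != null) keyEntries++;
        }
        if (keyEntries == 0) throw new IllegalStateException("keystore has no client key entry");

        KeyStore trust = load("api.client.truststore");
        int certs = 0;
        for (String alias : Collections.list(trust.aliases())) {
            if (trust.getCertificate(alias) != null) certs++;
        }
        if (certs == 0) throw new IllegalStateException("truststore has no certificates");
        System.out.println("OK: " + keyEntries + " key entry(ies), " + certs + " certificate(s)");
    }
}
```

Run it with the same -D options as the client application. Values passed as -D arguments, passwords included, are visible in the host's process listing.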