Sun OpenDS Standard Edition System Requirements
Installing the Directory Server
Setting Up the Directory Server
To Set Up the Directory Server Using the GUI
To Set Up the Directory Server Using the CLI
Setting Up Replication During Installation
To Set Up Replication in GUI Mode
Configuring the JVM, Java Options, and Database Cache
Starting and Stopping Your Server Instance
Managing the Server as a Service
The easiest way to get the directory server up and running with SSL, StartTLS, or both, is to use the setup GUI. This tool can be used to set up the server after you have downloaded it as a zip file. QuickSetup enables you to use a self-signed certificate, or an existing certificate in a JKS keystore, a PKCS#12 file, or a PKCS#11 token.
To access the SSL and StartTLS configuration, click the Configure button in front of the LDAP Secure Access field. The following dialog is displayed:
The following fields are included on this screen:
SSL Access. Select this checkbox to indicate that the LDAPS (that is, LDAP over SSL) listener should be enabled. Enter the port number on which the directory server listens for connections.
StartTLS Access. Select this checkbox to configure whether the LDAP connection handler will allow clients to use the StartTLS extended operation to initiate secure communication over an otherwise insecure connection.
Certificate. Select one of the following radio buttons to obtain the certificate that the server should use for SSL, StartTLS, or both:
Generate Self-Signed Certificate will generate a self-signed certificate that can be used to secure the communication. While this is convenient for testing purposes, many clients will not trust the certificate by default, and you might need to configure it manually.
Use an Existing Certificate will use a certificate in an existing JKS keystore, a PKCS #12 file, or a PKCS #11 token. For more information about obtaining certificates, see Configuring Key Manager Providers in Sun OpenDS Standard Edition 2.2 Administration Guide.