Specify the certificate to be sent to the back-end LDAP server.
$ dpconf set-server-prop -h host -p port ssl-client-cert-alias:cert-alias |
Where cert-alias is the name of the certificate. For a description of all command options, see the dpconf(1M) man page.
Copy the contents of the certificate to a file.
$ dpadm show-cert -F ascii -o filename instance-path cert-alias |
Add the certificate to the certificate database for the back-end LDAP server as described in To Add the CA-Signed Server Certificate and the Trusted CA Certificate.
Configure the back-end LDAP server for client authentication. For information about how to do this for Directory Server, see Configuring Credential Levels and Authentication Methods.
For information about configuring certificate-based authentication between clients and Directory Proxy Server, see To Configure Certificate-based Authentication.