Skip Navigation Links | |
Exit Print View | |
Oracle Directory Server Enterprise Edition Administration Guide 11g Release 1 (11.1.1.5.0) |
Part I Directory Server Administration
2. Directory Server Instances and Suffixes
3. Directory Server Configuration
6. Directory Server Access Control
7. Directory Server Password Policy
8. Directory Server Backup and Restore
9. Directory Server Groups, Roles, and CoS
10. Directory Server Replication
13. Directory Server Attribute Value Uniqueness
15. Directory Server Monitoring
Part II Directory Proxy Server Administration
16. Directory Proxy Server Tools
17. Directory Proxy Server Instances
19. Directory Proxy Server Certificates
20. Directory Proxy Server Load Balancing and Client Affinity
21. Directory Proxy Server Distribution
22. Directory Proxy Server Virtualization
23. Virtual Data Transformations
24. Connections Between Directory Proxy Server and Back-End LDAP Servers
Configuring Connections Between Directory Proxy Server and Back-End LDAP Servers
To Configure the Number of Connections Between Directory Proxy Server and Back-End LDAP Servers
To Configure Connection Timeout
To Configure Connection Pool Wait Timeout
Configuring SSL Between Directory Proxy Server and Back-End LDAP Servers
To Configure SSL Between Directory Proxy Server and a Back-End LDAP Server
Choosing SSL Ciphers and SSL Protocols for Directory Proxy Server
To Choose the List of Ciphers and Protocols
Forwarding Requests to Back-End LDAP Servers
Forwarding Requests With Bind Replay
To Forward Requests With Bind Replay
Forwarding Requests With Proxy Authorization
To Forward Requests by Using Proxy Authorization
Forwarding Requests Without the Client Identity
To Forward Requests Without the Client Identity
Forwarding Requests as an Alternate User
To Configure Remote User Mapping
To Configure Local User Mapping
To Configure User Mapping for Anonymous Clients
25. Connections Between Clients and Directory Proxy Server
26. Directory Proxy Server Client Authentication
27. Directory Proxy Server Logging
28. Directory Proxy Server Monitoring and Alerts
Part III Directory Service Control Center Administration
The following procedure describes how to configure SSL between Directory Proxy Server and back-end LDAP servers.
You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.
$ dpconf set-ldap-data-source-prop -h host -p port data-source-name \ ldaps-port:port-number
$ dpconf set-ldap-data-source-prop -h host -p port data-source-name ssl-policy:value
If value is always, SSL is always used for connections.
If value is client, SSL is used if the client is using SSL.
If the connection is not using SSL, you can promote the connection to SSL by using the startTLS command.
Transport Layer Security (TLS) is the standard version of SSL. TLS over LDAP is the IETF approved standard way of securing LDAP. LDAPS is a de facto standard but leads to some complexity such as having two ports instead of only one port for the service.
For information, see To Add a Certificate From a Back-End Directory Server to the Certificate Database on Directory Proxy Server.
For information, see Exporting a Certificate to a Back-End LDAP Server.
For information about restarting Directory Proxy Server, see To Restart Directory Proxy Server.