Installing the first PingDirectoryProxy server
Install the first PingDirectoryProxy server from the .zip
installation file.
About this task
To begin with, we have the PingDirectoryProxy installation .zip
file. In this example, we plan to use SSL security, so we also have a key store certificate database and a .pin
file that contains the private key password for the key store. The key store files are only necessary when using SSL or StartTLS.
In this deployment scenario, the key store database is assumed to be a Java KeyStore (JKS), which can be created by the keytool program.
The PingDirectoryProxy directory contains the following.
root@proxy-east-01: ls ExampleKeystore.jks ExampleTruststore.jks ExampleKeystore.pin PingDirectoryProxy-8.0.0.0-with-je.zip
The ExampleKeystore.jks
key store file contains the private key entry for the proxy-east-01.example.com
server certificate with the alias server-cert
. The server certificate, certificate authority (CA), and intermediate signing certificates are all contained in the ExampleTruststore.jks
file. The password for ExampleKeystore.jks
is defined in clear text in the corresponding .pin
file, though the name of the file need not match as it does in this example. The private key password in this example is the same as the password defined for the ExampleKeystore.jks
key store.
Steps
-
Extract the compressed archive file into the PingDirectoryProxy directory and change to this directory.
Example:
root@proxy-east-01: unzip -q PingDirectoryProxy-<version>-with-je.zip root@proxy-east-01: cd PingDirectoryProxy
-
Copy the key store and
.pin
files into theconfig
directory.Example:
root@proxy-east01: cp ../Keystore config/ root@proxy-east01: cp ../Truststore config/
-
Install the first proxy server by running the
setup
tool onproxy-east-01.example.com
.Example:
root@proxy-east01: ./setup --no-prompt --acceptLicense \ --ldapPort 389 --rootUserPassword pass \ --maxHeapSize 1g --enableStartTLS --ldapsPort 636 \ --useJavaKeystore config/ExampleKeystore.jks \ --keyStorePasswordFile config/ExampleKeystore.pin \ --certNickname server-cert \ --useJavaTrustStore config/ExampleTruststore.jks
Result:
New key store password files are created in
config/keystore.pin
. The original file,config/ExampleKeystore.pin
, is no longer needed. If you are not using SSL or StartTLS, then the SSL arguments are not necessary.root@proxy-east01: ./setup --no-prompt --acceptLicense \ --ldapPort 389 --rootUserPassword pass --maxHeapSize 1g
Next steps
After installing the PingDirectoryProxy server, you can configure it using the create-initial-proxy-config
tool as presented in Configuring the first PingDirectory server.