The following example illustrates how to run the prepare-external-server tool to prepare a Directory Server on the remote host,, listening on port 1636. The Directory Server is being accessed by a Directory Proxy Server that uses the default user account cn=Proxy User,cn=Root DNs,cn=config. Since a password to the truststore is not provided, the truststore defined in the --proxyTrustStorePath is referenced in a read-only manner.

  • Use the prepare-external-server tool to prepare the Directory Server. Follow the prompts to set up the external server.
    $ ./PingDirectoryProxy/bin/prepare-external-server \
      --baseDN dc=example,dc=com
      --proxyBindPassword password \
      --hostname \
      --useSSL \
      --port 1636
      --proxyTrustStorePath /full/path/to/trust/store \
      --proxyTrustStorePassword secret   
    Testing connection to .....
    Do you wish to trust the following certificate?
    Certificate Subject:, O=Example Self-Signed Certificate 
    Issuer Subject:, O=Example Self-Signed Certificate 
    Validity:            Thu May 21 08:02:30 CDT 2009 to Wed May 16 08:02:30 CDT 2029   
    Enter 'y' to trust the certificate or 'n' to reject it.
    The certificate was added to the local trust store
    Testing 'cn=Proxy User' access to ..... Failed to bind as
    'cn=Proxy User'
    Would you like to create or modify root user 'cn=Proxy User' so that it is available
    for this Directory Proxy Server? (yes / no) [yes]:
    Enter the DN of an account on with which to create or 
    manage the 'cn=Proxy User' account [cn=Directory Manager]:
    Enter the password for 'cn=Directory Manager':
    Created 'cn=Proxy User,cn=Root DNs,cn=config'
    Testing 'cn=Proxy User' privileges ..... Done