Installing the first Directory Proxy Server - PingDirectory - PingDirectoryProxy

Installing the first Directory Proxy Server - PingDirectory - PingDirectoryProxy - 8.2

PingDirectory

bundle

pingdirectory-82

ft:publication_title

PingDirectory

Product_Version_ce

PingDirectory 8.2

category

Product

pd-82

pingdirectory

ContentType_ce

Page created: 22 Jul 2020 |

Page updated: 1 Feb 2021

| 2 min read

8.2 Product PingDirectory PingDirectoryProxy Directory Capability Product documentation Content Type Administration User task Installation IT Operations Audience IT Administrator Administrator System Administrator Software Deployment Method

To begin with, we have the PingDirectoryProxy Server installation zip file. In this example, we plan to use SSL security, so we also have a keystore certificate database and a pin file that contains the private key password for the keystore. The keystore files are only necessary when using SSL or StartTLS.

In this deployment scenario, the keystore database is assumed to be a Java Keystore (JKS), which can be created by the keytool program. For more information about using the keytool, see the "Security Chapter" in the PingDirectory Server Administration Guide.

The PingDirectoryProxy directory contains the following:

root@proxy-east-01: ls
ExampleKeystore.jks   ExampleTruststore.jks ExampleKeystore.pin 
PingDirectoryProxy-8.0.0.0-with-je.zip

The ExampleKeystore.jks keystore file contains the private key entry for the proxy-east-01.example.com server certificate with the alias server-cert. The server certificate, CA, and intermediate signing certificates are all contained in the ExampleTruststore.jks file. The password for ExampleKeystore.jks is defined in clear text in the corresponding pin file, though the name of the file need not match as it does in our example. The private key password in our example is the same as the password defined for the ExampleKeystore.jks keystore.

Unzip the compressed archive file into the PingDirectoryProxy directory and move to this directory.

root@proxy-east-01: unzip -q PingDirectoryProxy-<version>-with-je.zip
root@proxy-east-01: cd PingDirectoryProxy

Because we are configuring SSL security, copy the keystore and pin files into the config directory.
```
root@proxy-east01: cp ../*Keystore* config/ 
root@proxy-east01: cp ../*Truststore* config/
```

Next, we install the first proxy server by running the setup tool on proxy-east-01.example.com as follows:

root@proxy-east01: ./setup --no-prompt --acceptLicense \ 
--ldapPort 389 --rootUserPassword pass \ 
--aggressiveJVMTuning --maxHeapSize 1g \ 
--enableStartTLS --ldapsPort 636 \    
--useJavaKeystore config/ExampleKeystore.jks \ 
--keyStorePasswordFile config/ExampleKeystore.pin \ 
--certNickname server-cert \ 
--useJavaTrustStore config/ExampleTruststore.jks

New keystore password files are created in config/keystore.pin. The original file, config/ExampleKeystore.pin, is no longer needed.

If you are not using SSL or StartTLS, then the SSL arguments are not necessary as follows:
```
root@proxy-east01: ./setup --no-prompt --acceptLicense \ 
--ldapPort 389 --rootUserPassword pass \ 
--aggressiveJVMTuning --maxHeapSize 1g
```
Once you have installed the Directory Proxy Server, you can configure it using the create-initial-proxy-config tool as presented in the next section.