Install the first Directory Proxy Server from the .zip installation file.
To begin with, we have the PingDirectoryProxy installation .zip file. In this example, we plan to use SSL security, so we also have a key store certificate database and a .pin file that contains the private key password for the key store. The key store files are only necessary when using SSL or StartTLS.
In this deployment scenario, the key store database is assumed to be a Java KeyStore (JKS), which can be created by the keytool program.
The PingDirectory directory contains the following.
root@proxy-east-01: ls ExampleKeystore.jks ExampleTruststore.jks ExampleKeystore.pin PingDirectory-188.8.131.52-with-je.zip
ExampleKeystore.jks key store file contains the private key entry
for the proxy-east-01.example.com server certificate with the alias
server-cert. The server certificate, certificate authority (CA),
and intermediate signing certificates are all contained in the
ExampleTruststore.jks file. The password for
ExampleKeystore.jks is defined in clear text in the corresponding
.pin file, though the name of the file need not match as it does
in this example. The private key password in this example is the same as the password
defined for the ExampleKeystore.jks key store.
Extract the compressed archive file into the PingDirectory
directory and move to this directory.
root@proxy-east-01: unzip -q PingDirectory-<version>-with-je.zip root@proxy-east-01: cd PingDirectory
Copy the key store and .pin files into the
root@proxy-east01: cp ../*Keystore* config/ root@proxy-east01: cp ../*Truststore* config/
Install the first proxy server by running the
setup tool on
root@proxy-east01: ./setup --no-prompt --acceptLicense \ --ldapPort 389 --rootUserPassword pass \ --maxHeapSize 1g --enableStartTLS --ldapsPort 636 \ --useJavaKeystore config/ExampleKeystore.jks \ --keyStorePasswordFile config/ExampleKeystore.pin \ --certNickname server-cert \ --useJavaTrustStore config/ExampleTruststore.jks
New key store password files are created in config/keystore.pin. The original file, config/ExampleKeystore.pin, is no longer needed. If you are not using SSL or StartTLS, then the SSL arguments are not necessary.
root@proxy-east01: ./setup --no-prompt --acceptLicense \ --ldapPort 389 --rootUserPassword pass --maxHeapSize 1g
After installing the Directory Server, you can configure it using the create-initial-proxy-config tool as presented in Configuring the first Directory Proxy Server.