In this example, the server is configured on the remote host, listening on port 1636.

The Directory Server is being accessed by a Directory Server that uses the default user account cn=Proxy User,cn=Root DNs,cn=config. Because a password to the trust store is not provided, the trust store defined in the --proxyTrustStorePath is referenced in a read-only manner.

  • To prepare the Directory Server, use the prepare-external-server tool.
    $ ./PingDirectory/bin/prepare-external-server \
      --baseDN dc=example,dc=com
      --proxyBindPassword password \
      --hostname \
      --useSSL \
      --port 1636
      --proxyTrustStorePath /full/path/to/trust/store \
      --proxyTrustStorePassword secret   
  • Follow the prompts to set up the external server.
    Testing connection to .....
    Do you wish to trust the following certificate?
    Certificate Subject:, O=Example Self-Signed Certificate 
    Issuer Subject:, O=Example Self-Signed Certificate 
    Validity:            Thu May 21 08:02:30 CDT 2009 to Wed May 16 08:02:30 CDT 2029   
    Enter 'y' to trust the certificate or 'n' to reject it.
    The certificate was added to the local trust store
    Testing 'cn=Proxy User' access to ..... Failed to bind as
    'cn=Proxy User'
    Would you like to create or modify root user 'cn=Proxy User' so that it is available
    for this Directory Proxy Server? (yes / no) [yes]:
    Enter the DN of an account on with which to create or 
    manage the 'cn=Proxy User' account [cn=Directory Manager]:
    Enter the password for 'cn=Directory Manager':
    Created 'cn=Proxy User,cn=Root DNs,cn=config'
    Testing 'cn=Proxy User' privileges ..... Done