Table of Contents

Search

  1. Preface
  2. Introduction to PowerExchange
  3. DBMOVER Configuration File
  4. Netport Jobs
  5. PowerExchange Message Logs and Destination Overrides
  6. SMF Statistics Logging and Reporting
  7. PowerExchange Security
  8. Secure Sockets Layer Support
  9. PowerExchange Alternative Network Security
  10. PowerExchange Nonrelational SQL
  11. PowerExchange Globalization
  12. Using the PowerExchange ODBC Drivers
  13. PowerExchange Datatypes and Conversion Matrix
  14. DTL__CAPXTIMESTAMP Time Stamps
  15. PowerExchange Glossary

LDAP_TLS Statement

LDAP_TLS Statement

The LDAP_TLS statement enables LDAP secured connections between PowerExchange and the LDAP server and specifies certificate information for a Transport Layer Security (TLS) connection to the LDAP server. You can also configure PowerExchange to use the StartTLS extension to initiate LDAP secured communications.
If you are using an Oracle LDAP client, define the LDAP_TLS statement, and use the default value of ORACLE_LDAP for the fourth positional parameter in the SECURITY statement.
If you are using an OpenLDAP client, use the LDAP_OPENSSL statement instead of the LDAP_TLS statement.
Linux and UNIX
LDAP_SASL_MECH, LDAP_OPENSSL
No
LDAP_TLS=({PASS=
client_passphrase
|EPASS=
client_encrypted_passphrase}
[,KEYNAME=
key_name
] [,CAPATH=
directory
] [,START_TLS=Y|
N
] )
PASS=
client
Optional. The passphrase that is used to access the private key that is associated with the client certificate. Do not enter both the PASS and the EPASS parameters.
EPASS=
client_encrypted
Optional. The encrypted passphrase that is used to access the private key that is associated with the client certificate. Do not enter both the PASS and the EPASS parameters.
You can create an encrypted passphrase in the PowerExchange Navigator by selecting
File
Encrypt Password
.
KEYNAME=
key_name
Optional. The nickname of the client certificate that is used to make an LDAP TLS connection.
CAPATH=
directory
Optional. The directory that is used for the client keystore and CA truststore.
START_TLS={Y|
N
}
Optional. Controls whether PowerExchange uses the StartTLS extended LDAP operation to initiate secure network traffic on a normally unsecured port. Default is N.