Setting the ClearQuest LDAP connection information for SSL

Modify the procedure in "Setting the Rational ClearQuest LDAP connection information" if you are setting up LDAP connection information for SSL.

As part of configuring IBM Rational® ClearQuest® to use LDAP authentication, you need to run a series of installutil subcommands. LDAP configuration steps for Rational ClearQuest shows how to use these subcommands. One of the subcommands, setldapinit, sets a parameter string that Rational ClearQuest uses to connect your Rational ClearQuest database set to the LDAP directory. The example of running setldapinit shown in Step 2: Set the Rational ClearQuest LDAP connection information assumes a nonSSL use case. This topic shows which parameters to set when you use SSL. See Syntax for reference topics that describe the syntax for all of the installutil subcommands used to enable LDAP authentication for Rational ClearQuest.

The following example uses the –K option to identify the location of the key database file and stash password file. You must enclose the argument in single quotes. The locations, one on Windows® and one on the UNIX® system and Linux, are accessible to all clients. The –Z option indicates that SSL is to be used.

installutil setldapinit 7.0.0 admin secret "-h 'ourldapserver.ourcompany.com 
altldapserver.ourcompany.com' -Z -K 'win:\\share\cqdata\ldapkey.kdb;unix:/netshare/
cqdata/ldapkey.kdb'"

The following example omits the –K option because the key database file and password stash file are not stored in a central location that is accessible to all clients. Instead, the administrator distributed copies of the files to all clients, and the users either stored the files in the default location, or stored them in a different location and set the RATL_SSL_KEYRING environment variable to point to the key file name by specifying a fully qualified path name.

installutil setldapinit 7.0.0 admin secret "-h 'ourldapserver.ourcompany.com 
altldapserver.ourcompany.com' -Z"
Related concepts
Using certificates from a commercial certificate authority
Related information
Setting the JAVA_HOME environment variable
Creating a key database
Importing self-signed certificates
Distributing the key database file

Feedback