Server User Manual

Chapter 6. Command-Line Utilities
270
Option Description
If this option is specified, then the -D and -w
options must not be specified, or certificate-
based authentication will not occur, and the bind
operation will use the authentication credentials
specified by -D and -w.
-P Specifies the absolute path, including the
filename, of the certificate database of the client.
This option is used only with the -Z option.
When used on a machine where an SSL-enabled
web browser is configured, the path specified on
this option can be that of the certificate database
for the browser. For example:
-P /security/cert.db
The client security files can also be stored on
the Directory Server in the /etc/dirsrv/
slapd-instance_name directory. In this case,
the -P option would call out a path and filename
similar to the following:
-P /etc/dirsrv/slapd-instance_name/client-
cert.db
-p Specifies the port number that the server uses.
The default is 389. If -Z is used, the default is
636.
-Q Specifies the token and certificate name, which
is separated by a semicolon (:) for PKCS11.
-W Specifies the password for the certificate
database identified on the -P option. For
example:
-W serverpassword
-w Specifies the password associated with the
distinguished name that is specified in the -D
option. For example:
-w diner892
The default is "", or anonymous.
If a password is not sent on the command line
and the server requires one, the command
prompts for one. It is more secure not to provide
a password on the command-line so that it
does not show up in clear text in a listing of
commands.