Challenge PKI : 6.1. Setup LDAP with virtual hosts.


In a real environment, the JCSI, SECOM, JPKI and LGPKI LDAP servers are referred to by referral. However, only the JCSI and SECOM LDAP servers will be referred to by referral.

6.1.1. Setup LDIFs

When you want to assign multiple IP addresses to one Linux machine, you can use the virtual host function. See here for details.


# 1. move into the LDIF data directory for the 'ldap1' server (default path shown).

% cd /usr/local/cpki/testcase/cpki2002jpki2/data/ldif/ldap1

# 2. clear all DITs on the LDAP server 'ldap1'.

% cpki_ldapclean -h ldap1

# 3. load the LDIF file into the 'ldap1' LDAP server.

% cpki_ldapadd -h ldap1 -f z.ldif



# 4. move into the LDIF data directory for the 'ldap2' server (default path shown).

% cd /usr/local/cpki/testcase/cpki2002jpki2/data/ldif/ldap2

# 5. clear all DITs on the LDAP server 'ldap2'.

% cpki_ldapclean -h ldap2

# 6. load the LDIF file into the 'ldap2' LDAP server.

% cpki_ldapadd -h ldap2 -f z.ldif



# 7. move into the LDIF data directory for the 'ldap3' server (default path shown).

% cd /usr/local/cpki/testcase/cpki2002jpki2/data/ldif/ldap3

# 8. clear all DITs on the LDAP server 'ldap3'.

% cpki_ldapclean -h ldap3

# 9. load the LDIF file into the 'ldap3' LDAP server.

% cpki_ldapadd -h ldap3 -f z.ldif
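
The nine steps above as one script, added here as an example (not part of the Challenge PKI test suite): it checks that every server's z.ldif exists before clearing any DIT and stops at the first failing server. The function name reload_ldap_servers and the CPKI_LDIF_BASE variable are assumptions; the commands and options are those shown above.

```shell
#!/bin/sh
# Added example: reload the three test LDAP servers in one pass.
# reload_ldap_servers and CPKI_LDIF_BASE are names introduced here (assumptions);
# cpki_ldapclean / cpki_ldapadd and their -h / -f options are used as shown above.

CPKI_LDIF_BASE="${CPKI_LDIF_BASE:-/usr/local/cpki/testcase/cpki2002jpki2/data/ldif}"

reload_ldap_servers() {
    base="${1:-$CPKI_LDIF_BASE}"

    # Pre-flight: refuse to clean anything unless every server has a
    # non-empty z.ldif, so no server is left empty after a partial run.
    for host in ldap1 ldap2 ldap3; do
        if [ ! -s "$base/$host/z.ldif" ]; then
            echo "missing or empty: $base/$host/z.ldif" >&2
            return 2
        fi
    done

    for host in ldap1 ldap2 ldap3; do
        # Subshell keeps the cd from leaking into the caller's shell.
        (
            cd "$base/$host" || exit 1
            cpki_ldapclean -h "$host" || exit 1
            cpki_ldapadd -h "$host" -f z.ldif || exit 1
        ) || {
            echo "reload failed on $host; later servers not touched" >&2
            return 1
        }
        echo "reloaded $host from $base/$host/z.ldif"
    done
}

# Usage: reload_ldap_servers            (default directory)
#        reload_ldap_servers /some/dir  (alternate LDIF base directory)
```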

6.1.2. When you add or modify test data

After you modify the test case database, you need to generate the LDIF file and/or the TA/EE certificates again. For example, suppose the JCSI data (directory entries and/or cACertificate, CRLs and cross certificate pairs) have been changed. Run the scripts as follows.

# 1. move into the LDIF data directory for the 'ldap2' server, which is

#    the fake JCSI repository (default path shown).

% cd /usr/local/cpki/testcase/cpki2002jpki2/data/ldif/ldap2

# 2. delete old data.

% make clean

# 3. rebuild LDIF file.

% make z.ldif

JNSA/IPA Challenge PKI Test Suite