asadmin [asadmin-options] enable-secure-admin-principal [--help]
--alias aliasname | DN
enable-secure-admin-principal DRAFT |
Previous | Next | Contents |
Instructs \{product---name}, when secure admin is enabled, to accept admin requests from clients identified by the specified SSL certificate.
Synopsis
asadmin [asadmin-options] enable-secure-admin-principal [--help]
--alias aliasname | DN
Description
The enable-secure-admin-principal
subcommand instructs
\{product---name} to accept admin requests when accompanied by an SSL
certificate with the specified distinguished name (DN). If you use the
"--alias
aliasname" form, then \{product---name} looks in its
truststore for a certificate with the specified alias and uses the DN
associated with that certificate. Otherwise, \{product---name} records
the value you specify as the DN.
You must specify either the --alias
option, or the DN.
You can run enable-secure-admin-principal
multiple times so that
\{product---name} accepts admin requests from a client sending a
certificate with any of the DNs you specify.
When you run enable-secure-admin
, \{product---name} automatically
records the DNs for the admin alias and the instance alias, whether you
specify those values or use the defaults. You do not need to run
enable-secure-admin-principal
yourself for those certificates. Other
than these certificates, you must run enable-secure-admin-principal
for any other DN that \{product---name} should authorize to send admin
requests. This includes DNs corresponding to trusted certificates (those
with a certificate chain to a trusted authority.)
Options
Options for the asadmin
utility. For information about these
options, see the asadmin
(1M) help page.
--help
-?
Displays the help text for the subcommand.
--alias
The alias name of the certificate in the trust store. \{product---name} looks up certificate in the trust store using that alias and, if found, stores the corresponding DN as being valid for secure administration. Because alias-name must be an alias associated with a certificate currently in the trust store, you may find it most useful for self-signed certificates.
Operands
The distinguished name of the certificate, specified as a
comma-separated list in quotes. For example,
"CN=system.amer.oracle.com,OU=GlassFish,O=Oracle Corporation,L=Santa Clara,ST=California,C=US"
.
Examples
Example 1 Trusting a DN for secure administration
The following example shows how to specify a DN for authorizing access in secure administration.
asadmin> enable-secure-admin-principal
"CN=system.amer.oracle.com,OU=GlassFish,
O=Oracle Corporation,L=Santa Clara,ST=California,C=US"
Command enable-secure-admin-principal executed successfully.
Exit Status
subcommand executed successfully
error in executing the subcommand
See Also
Previous | Next | Contents |
DRAFT