Red Hat DIRECTORY SERVER 8.0 Command Reference Manual page 183

Option
-m
-N
-P
-Q
-W
Description
cert8.db file (the path which is specified with
the -P option).
Specifies the path to the security module
database, such as /etc/dirsrv/
slapd-instance_name/secmod.db. This
option only need to be given if the security
module database is in a different directory than
the certificate database itself.
Specifies the certificate name to use for
certificate-based client authentication, such as -
N "Server-Cert". If this option is specified,
then the -Z, -P, and -W options are required.
Also, if this option is specified, then the -D and
-w options must not be specified, or certificate-
based authentication will not occur, and the bind
operation will use the authentication credentials
specified on -D and -w.
Specifies the absolute path, including the option,
of the certificate database of the client. This
option is used only with the -Z option.
When used on a machine where an SSL-enabled
web browser is configured, the path specified on
this option can be that of the certificate database
for the browser. For example:
-P /security/cert.db
The client security files can also be stored on
the Directory Server in the /etc/dirsrv/
slapd-instance_name directory. In this case,
the -P option would call out a path and filename
similar to the following:
-P /etc/dirsrv/slapd-instance_name/client-
cert.db
Specifies the token and certificate name, which is
separated by a semi-colon (:) for PKCS11.
Specifies the password for the private key
database identified in the -P option. For
example:
-W serverpassword
If a dash (-) is used as the password value,
the utility promptes for the password after the
command is entered. This avoids having the
password on the command line.
ldapsearch
173