Whoops, not correct. The format of the password file is tokenname:password e.g. internal:password Richard Megginson wrote: > Kevin M. Myer wrote: > >> Quoting Richard Megginson <rmeggins at redhat.com>: >> >>> Craig White wrote: >>> >>>> On Thu, 2005-12-08 at 19:11 -0700, Richard Megginson wrote: >>>> >>>>> Darn it. That's right. With SSL enabled, you must start the >>>>> server from the console, in order to provide the pin for the >>>>> key/cert db. >>>>> >>>>> If you want to do unattended server restarts, you have to purchase >>>>> a PKCS11 Hardware Security Module or create a slapd-svr1-pin.txt >>>>> file in the proper format with the cleartext password in it. >>>>> >>>> ---- >>>> OK - important detail >>>> >>>> slapd-srv1-pin.txt >>>> >>>> does that go in >>>> >>>> /opt/fedora-ds/alias ? >>>> /opt/fedora-ds/slapd-srv1 ? >>>> >>> It should go in the alias directory and have the following format: >>> Internal (Software) Token:password >>> >> >> Is there an equivalent setup for the admin server, either using a >> security module, or other means? > > > Yes. In admin-serv/config/console.conf, change > NSSPassPhraseDialog builtin > to > NSSPassPhraseDialog file:/opt/fedora-ds/alias/admin-serv-pin.txt > > Then put the password in cleartext in the file > /opt/fedora-ds/alias/admin-serv-pin.txt > > You can name the file whatever you like. > >> >> Kevin >> >------------------------------------------------------------------------ > >-- >Fedora-directory-users mailing list >Fedora-directory-users at redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3178 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20051208/3bf6444c/attachment.bin
