Hi all, I have just gone through the setup process to install an instance of Fedora DS. Nowhere in the setup process is SSL or TLS mentioned, at the end of the config process I have an insecure LDAP server. My next task is to try and switch on SSL/TLS for both the admin console, and the LDAP server itself. I figure out how to add my certs to the alias directory using certutil and pk12util. My next task is to move the admin server port from my default 1390 to a secure version at 1637. A recursive grep finds the port 1390 in a whole host of config files. Changing the config files to 1637 causes me to end up with a broken admin server to which startconsole cannot connect. Just to clarify - is it worth me trying to fix the admin server port in my config files, or is this too complicated to be worth while? Should I just delete the fedora-ds installation and start again from scratch? It seems one of the most basic things that need to be fixed in the directory is to simplify the configuration. Some of the config is in Windows INI format, some of the config is in XML, some of the config is in name: value format, it's very difficult as a new user of the software to be able to figure out what is going on. Regards, Graham -- -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3220 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20051217/ea27c142/attachment.bin
