SSL directory server gateway

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ok, I figured this out.  The setupssl.sh script correctly names the cert 
and key databases for the administrator server based on identifier you 
give the directory server on setup.  The default administrator server 
configuration, on the other hand, creates and uses databases named after 
the system's host name.  This problem was corrected by setting the 
correct database file names in 
/opt/fedora-ds/admin-serv/config/adm.conf.  Or alternatively, simply 
copy the database files created by the script to the filenames that the 
administrator wants to use.

The setupssl script should probably be altered to set the correct 
database file names in the adm.conf file.

Thanks for the responses,
Jason


>> Hi all,
>> I'm pretty uncertain about the best way to go about configuring the 
>> admin server to use SSL (FDS1.0.2) .  All of the docs I'm finding are 
>> pretty shaky.  Ultimately, I want users to manage their passwords and 
>> info via the web-based Directory Server Gateway over SSL.  This would 
>> appear to be the same thing as enabling SSL for the admin server.  
>> The setupssl.sh script provided by the SSL howto,  generates the 
>> keys/certs for the admin server and imports them into the appropriate 
>> cert db (I guess, I've performed  the process by hand as well, based 
>> on RedHat's docs and the script itself).  This would imply to me that 
>> the admin console would find the generated certs and present them in 
>> the admin server's console (under the Configuration -> Encryption 
>> tab) in much the same way that it does in the directory server's 
>> console.  I can't tell if something that's suppose to work isn't or 
>> if I'm misunderstanding something.  I'd like to know before I try to 
>> generate new SSL certificates and import them.
> Yes, that's the way it is supposed to work.  I verified that it does 
> work on FC5 using FDS 1.0.2.
>




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux