certutil: generating new .db files for server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,

I'm generating new *.db files for my server, where I will install a new root
ca, and a new server cert (new *.db files allows me to easily test and back
out). I have a couple of questions about *.db files and how FDS uses them:

1. When I use certutil -N to create the new db files, is the value I give to
the '-P' flag arbitrary, or does the server look for a specific value based
on instance name or something? I have new files called 'slapd-ldap-cert8.db'
and 'slapd-ldap-key3.db', because I thought this prefix value was arbitrary,
but FDS fails to start because it says that files '
slapd-ldap-testbox-cert8.db' and 'slapd-ldap-testbox-key3.db' are missing.
Those are the *old* db file names.

2. Related to 1, how do I (from the command line) change what files FDS
looks for? Is this possible? Recommended?

3. Is it true that I cannot reuse a signed server certificate in a newly
created database, even if the new database has the same root ca installed as
the old one? I need to generate a request every time I run certutil -N?

4. Are there other rules that these files have to conform to in order for
the server to start up? Are there docs on this that I've missed? Links? I've
seen the mozilla NSS docs, but they're mostly for developers (except for the
decent certutil reference), and the RHDS docs do everything from the GUI as
far as I've seen.

Thanks.
brian.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20060710/a9321407/attachment.html 


[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux