Jeff Gamsby Center for X-Ray Optics Lawrence Berkeley National Laboratory (510) 486-7783 Richard Megginson wrote: > Jeff Gamsby wrote: >> >> >> Richard Megginson wrote: >>> Jeff Gamsby wrote: >>>> >>>> I am having a hard time getting the admin console to work in ssl >>>> mode. I get this "notice" error in the admin serv logs, is it a >>>> cause for concern? As far as I know, everything is setup correctly. >>>> >>>> [notice] [client xxx.xxx.xxx.xxx] admserv_host_ip_check: >>>> ap_get_remote_host could not resolve xxx.xxx.xxx.xxx >>> This usually means reverse DNS is not working. >>>> >>>> I have created the certificates, >>> Following the SSL howto at >>> http://directory.fedora.redhat.com/wiki/Howto:SSL ? >> >> Yes, but instead of creating an admin-serv-<serverID>- I copied the >> slapd-<serverID>- cert db's over. >> It is true that I can use these same certs? > I think so, but I've never tried it that way. >> >> I tried creating the admin certs db's seperately and importing the CA >> cert, but that did't work either. >> >> I had this working a few weeks ago, I'm not sure what has changed. > What, if anything, has changed? I blew away the server and started over. When I had password sync problems with AD, I reinstalled the server several times. Each time I reinstall, I delete the /opt/fedora-ds directory. I don't really care about the admin console in SSL mode, I can use the Linux console or X, but I need the Sync agreements to run SSL in both directions, and so far, the only way I been able to establish that is when the admin console is in SSL mode. Unless there is another way. >> >>>> then copied the slapd-<server>-* files to admin-serv-*, then tried >>>> to enable SSL in the admin console. I have followed the directions >>>> from "Managing SSL and SASL" but I get the error "Invalid LDAP >>>> Host/IP, could not connect to server in secure mode" when I change >>>> to secure mode in the "User DS" tab. >>> This error is from the console? Try using startconsole -D >> Using this method I get this error: >> >> validateLDAPParams netscape.ldap.LDAPException: >> JSSSocketFactory.makeSocket fds.server.example.com:636, >> SSL_ForceHandshake failed: (-8054) Unknown error (91); Cannot connect >> to the LDAP server >>>> >>>> Any suggestions? >>>> >>>> Thanks, >>>> Jeff >>>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> ------------------------------------------------------------------------ >>> >>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
