Steven Jones wrote: > Hi, > > A while back I started the get FDS up and going and it appears I made a > mistake in the server generation file for the SSl certs, basically I did > this, > > ../shared/bin/certutil -S -n "Server-Cert" -s \ > "cn=vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v \ > 120 -d . -z noise.txt -f pwdfile.txt > > When I should have done this, > > ../shared/bin/certutil -S -n "Server-Cert" -s \ > "cn=vuwunicvfdsm001.vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v > \ > 120 -d . -z noise.txt -f pwdfile.txt > > So now I am working back through my notes to fix my mistake but at this > command, > > ../shared/bin/certutil -A -d . -P admin-serv-vuwunicvfdsm001- -n "CA > certificate" -t "CT,," -a -i cacert.asc > > I get this error, > > ======== > certutil-bin: could not obtain certificate from file: You are attempting > to import a cert with the same issuer/serial as an existing cert, but > that is not the same cert. > [root at vuwunicvfdsm001 alias]# > ======== > > How do I fix this please? > You need to remove the old CA cert first. ../shared/bin/certutil -D -d . -P admin-serv-vuwunicvfdsm001- -n "CA certificate" Then import the new CA cert. > regards > > Steven Jones > Senior Linux/Unix/San/Vmware System Administrator > APG -Technology Integration Team > Victoria University of Wellington > Phone: +64 4 463 6272 > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20071204/bae8946b/attachment.bin
