Richard Megginson wrote: > Micha? Dro?dziewicz wrote: >> Hello, >> I know how to generate certs with passwords, but this results in >> password prompt at server startup and reboot. Is there a way to >> generate SSL certificate without password? > NSS always requires a password in order to unlock your server key. See > the shell script at > http://directory.fedora.redhat.com/wiki/Howto:SSL#Script for an example > of how to create a password file. Actually, a password isn't required by NSS. To change an existing database to a NULL password use the modutil command. Its syntax is slightly different from the other NSS utilities but it has a decent help output if you don't get it quite right. To change an existing database to be a blank password: % modutil -dbdir /opt/fedora-ds/alias -dbprefix slapd-foo- -changepw "NSS Certificate DB" Enter the old password then press Enter twice for the new password to blank it out. To generate a new database with a blank password with certutil do something like: % certutil -N -d /opt/fedora-ds/alias -P slapd-foo- Press Enter twice. rob -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070124/4075b93c/attachment.bin
