Yes you can, actually I'm actually doing that right now. But it depends on how you generated your certificates. Anyways I'm assuming you are using Fedora Core X if you installed aapche you would have this configeration file /etc/httpd/conf.d/ssl.conf To enable SSL or https you need to configure this file in that file the two lines you need to configure is SSLCertificateFile and SSLCertificateKeyFile. Point it to your certificates # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. A new # certificate can be generated using the genkey(1) command. #SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateFile /etc/httpd/conf/ssl/server.crt # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLCertificateKeyFile /etc/httpd/conf/ssl/server.key One last thing you need to tell apache to tell SSL to be turned on # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on This should be all done on the same file ssl.conf then restart apache then you can do https. But you have to export your SSLCertificateFile and SSLCertificateKeyFile file out. For me I had my certificate files before I converted them to pkcs12 and before I imported them in the form of cert7/key3 for FDS. So I never needed to export it out. If you want to check out I generated the certificates. http://www.csse.uwa.edu.au/~ashley/fedora-ds/fedora-ds-26072006.html Look at Section 2.2 Secure Certificate Generation for LDAP Components The SSL certs I used is generated straight from there for my apache SSL & LDAPS But I'm pretty sure you can export it out? Cheers then, Ashley On Thu, 3 May 2007, Jo De Troy wrote: > Hello, > > I was wondering if it's possible to use the certifcates of Fedora DS for an > Apache webserver running on the LDAP server. > Is it possible to export the certificates in the cert7 and key3 databases > and use the exported certificates for setting up an SSL enabled Apache? > If it's possible how should I go about? > > Thanks in advance, > Jo > > > !DSPAM:272,4639e7c1106801219826867! > -- Ashley Chew - Systems Administrator School of Computer Science and Software Engineering University of Western Australia Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089 Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley "There is no such thing as Fate, Fate is what you make of it!"
