I tried changing the permission for local.conf and restarted both admin and dir server. That didn't solve the issue. Attached is the error I get when the login fails. Thanks. Richard Megginson wrote: > FDS User wrote: >> Below is the ls and grep output. >> >> [root at ldap slapd-ldap]# ls -al /opt/fedora-ds/alias >> <snip> looks ok >> >> >> [root at ldap slapd-ldap]# ls -al /opt/fedora-ds/admin-serv/config >> total 84 >> drwxr-xr-x 2 nobody nobody 4096 May 9 10:31 . >> drwxr-xr-x 8 root root 4096 May 9 10:32 .. >> -rw------- 1 nobody nobody 544 May 10 13:17 adm.conf >> -rw------- 1 nobody nobody 39 May 7 18:28 admpw >> -rw------- 1 root root 4598 May 7 18:28 admserv.conf >> -rw------- 1 nobody nobody 3702 May 10 13:17 console.conf >> -rw------- 1 root root 26784 May 7 18:28 httpd.conf >> -rw-r--r-- 1 root root 19233 May 7 18:28 local.conf > This is the likely culprit. Shut down the admin server, then chown > nobody:nobody local.conf, then restart. >> -r-------- 1 nobody nobody 4604 May 7 18:29 nss.conf >> >> >> [root at ldap slapd-ldap]# grep NSS >> /opt/fedora-ds/admin-serv/config/console.conf >> NSSEngine on >> NSSNickname server-cert >> # The NSS security database directory that holds the certificates and >> NSSCertificateDatabase /opt/fedora-ds/alias >> NSSDBPrefix admin-serv-ldap- >> NSSCipherSuite >> +des,+rc2export,+rc4export,+desede3,+rc4,+rc2,+rsa_rc2_40_md5,+rsa_rc4_128_md5,+rsa_3des_sha,+rsa_rc4_40_md5,+fips_des_sha,+fips_3des_sha,+rsa_des_sha,-rsa_null_md5 >> >> NSSVerifyClient none >> >> >> >> Richard Megginson wrote: >>> >>> >>> FDS User wrote: >>>> Hi, >>>> I am getting "PSET failure: PSET attribute creation or local cache >>>> update failed" when I try to enable SSL for admin server using the >>>> encryption tab. >>>> I have used it in the past without issues and now for some reason I >>>> get this error after doing a re-install of fds. >>>> I used the SSL script from the fds site to generate the certs. >>>> >>>> Admin server log has this error: >>>> [error] SSL Library Error: -12271 SSL client cannot verify your >>>> certificate >>>> >>>> Any help is highly appreciated. >>> ls -al /opt/fedora-ds/alias >>> ls -al /opt/fedora-ds/admin-serv/config >>> >>> grep NSS /opt/fedora-ds/admin-serv/config/console.conf >>>> >>>> Thanks. >>>> >>>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> ------------------------------------------------------------------------ >>> >>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> ------------------------------------------------------------------------ >> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> -------------- next part -------------- A non-text attachment was scrubbed... Name: adminconsole.pdf Type: application/pdf Size: 18206 bytes Desc: not available Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070510/f37f9be8/attachment.pdf
