FDS User wrote: > I tried changing the permission for local.conf and restarted both > admin and dir server. That didn't solve the issue. > Attached is the error I get when the login fails. For the console login dialog, for the admin url field, did you use https://host:port/ ? tail admin-serv/logs/error > > Thanks. > > Richard Megginson wrote: >> FDS User wrote: >>> Below is the ls and grep output. >>> >>> [root at ldap slapd-ldap]# ls -al /opt/fedora-ds/alias >>> <snip> looks ok >>> >>> >>> [root at ldap slapd-ldap]# ls -al /opt/fedora-ds/admin-serv/config >>> total 84 >>> drwxr-xr-x 2 nobody nobody 4096 May 9 10:31 . >>> drwxr-xr-x 8 root root 4096 May 9 10:32 .. >>> -rw------- 1 nobody nobody 544 May 10 13:17 adm.conf >>> -rw------- 1 nobody nobody 39 May 7 18:28 admpw >>> -rw------- 1 root root 4598 May 7 18:28 admserv.conf >>> -rw------- 1 nobody nobody 3702 May 10 13:17 console.conf >>> -rw------- 1 root root 26784 May 7 18:28 httpd.conf >>> -rw-r--r-- 1 root root 19233 May 7 18:28 local.conf >> This is the likely culprit. Shut down the admin server, then chown >> nobody:nobody local.conf, then restart. >>> -r-------- 1 nobody nobody 4604 May 7 18:29 nss.conf >>> >>> >>> [root at ldap slapd-ldap]# grep NSS >>> /opt/fedora-ds/admin-serv/config/console.conf >>> NSSEngine on >>> NSSNickname server-cert >>> # The NSS security database directory that holds the certificates and >>> NSSCertificateDatabase /opt/fedora-ds/alias >>> NSSDBPrefix admin-serv-ldap- >>> NSSCipherSuite >>> +des,+rc2export,+rc4export,+desede3,+rc4,+rc2,+rsa_rc2_40_md5,+rsa_rc4_128_md5,+rsa_3des_sha,+rsa_rc4_40_md5,+fips_des_sha,+fips_3des_sha,+rsa_des_sha,-rsa_null_md5 >>> >>> NSSVerifyClient none >>> >>> >>> >>> Richard Megginson wrote: >>>> >>>> >>>> FDS User wrote: >>>>> Hi, >>>>> I am getting "PSET failure: PSET attribute creation or local cache >>>>> update failed" when I try to enable SSL for admin server using the >>>>> encryption tab. >>>>> I have used it in the past without issues and now for some reason >>>>> I get this error after doing a re-install of fds. >>>>> I used the SSL script from the fds site to generate the certs. >>>>> >>>>> Admin server log has this error: >>>>> [error] SSL Library Error: -12271 SSL client cannot verify your >>>>> certificate >>>>> >>>>> Any help is highly appreciated. >>>> ls -al /opt/fedora-ds/alias >>>> ls -al /opt/fedora-ds/admin-serv/config >>>> >>>> grep NSS /opt/fedora-ds/admin-serv/config/console.conf >>>>> >>>>> Thanks. >>>>> >>>>> >>>>> -- >>>>> Fedora-directory-users mailing list >>>>> Fedora-directory-users at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>> ------------------------------------------------------------------------ >>> >>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070510/fc6e1cf0/attachment.bin
