2007/10/5, Victor Hugo dos Santos <listas.vhs at gmail.com>: > 2007/10/3, Enrico M. V. Fasanelli <Enrico.M.V.Fasanelli at le.infn.it>: > > Hi Victor, [...] > openssl genrsa -out slapd-fds2-key3.db 2048 > openssl req -new -key slapd-fds2-key3.db -out vhs.csr -subj > 'CN=fds.multi.com/subjectAltName=DNS:fds.multi.com/subjectAltName=DNS:fds2.multi.com' > > and work fine... i get one certificate request with all fields and > send for my CA (cacert.org) and I receive the certificate signed with > all fields, but i dont how install it for CLI !!! for the wizard I > receive one other error "this key not found - this certificate is > generate in the server ???" > > any solution ??? ok.. ok.. two coffees and one minutes of relax... I re-read the manual of certutil http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html and run this commands: certutil -R -d . -P slapd-fds2- -s CN=fds2.multi.com -o cert.req -a -8 fds.multi.com,fds2.multi.com,ldap.multi.com I send the cert.req file for cacert.org and I receive the signed certificate signed and work fine !!!:-) my problem(s) is: - unknown the function of option "-p", where "slapd-fds2-" is the name of instance - the option "-8".. I think that the others names (fds.multi.com, fds2.multi.com, ldap.multi.com) they went in the subject (option -s).. but no !!! this parameters went for separate.. and is the principal problem (for my). bye -- -- Victor Hugo dos Santos Linux Counter #224399
