Both names are exactly the same. Richard Megginson wrote: > Andreas Kekkou wrote: >> Hi Richard, >> >> Nothing has changed. Executing the command you have suggested on both >> servers I get the same output: >> >> [root at serverA alias]# ../shared/bin/certutil -L -P slapd-serverA- -d . >> serverA-cert u,u,u >> Computer Science Department CA CT,, >> >> [root at serverB alias]# ../shared/bin/certutil -L -P slapd-serverB- -d . >> serverB-cert u,u,u >> Computer Science Department CA CT,, >> >> Is there anything else I have to check? > grep -i personality /opt/fedora-ds/slapd-instancename/config/dse.ldif > > The personality name should match with the server cert name in your > certdb. >> >> Cheers. >> >> Andreas >> >> Richard Megginson wrote: >>> Andreas Kekkou wrote: >>>> Hi all, >>>> >>>> I'm running FDS in multi-master mode with two servers. Both servers >>>> are configured with TLS support. One of the servers logs the >>>> following error: >>>> >>>> [25/Oct/2007:08:50:55 +0300] - attrcrypt_unwrap_key: failed to >>>> unwrap key for cipher AES >>>> [25/Oct/2007:08:50:55 +0300] - Failed to retrieve key for cipher >>>> AES in attrcrypt_cipher_init >>>> [25/Oct/2007:08:50:55 +0300] - Failed to initialize cipher AES in >>>> attrcrypt_init >>>> [25/Oct/2007:08:50:55 +0300] - attrcrypt_unwrap_key: failed to >>>> unwrap key for cipher AES >>>> [25/Oct/2007:08:50:55 +0300] - Failed to retrieve key for cipher >>>> AES in attrcrypt_cipher_init >>>> [25/Oct/2007:08:50:55 +0300] - Failed to initialize cipher AES in >>>> attrcrypt_init >>>> [25/Oct/2007:08:50:57 +0300] - slapd started. Listening on All >>>> Interfaces port 389 for LDAP requests >>>> [25/Oct/2007:08:50:57 +0300] - Listening on All Interfaces port 636 >>>> for LDAPS requests >>>> >>>> Both servers seems to work just fine. Any ideas how this can be >>>> resolved? >>> Has your SSL/TLS configuration changed at all? Have you acquired a >>> new cert or renewed an existing cert? >>> cd /opt/fedora-ds/alias >>> ../shared/bin/certutil -L -P slapd-instance- -d . >>>> >>>> Thanks, >>>> >>>> Andreas >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>> >>> ------------------------------------------------------------------------ >>> >>> >>> -- >>> Fedora-directory-users mailing list >>> Fedora-directory-users at redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>> >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: kekkou.a.vcf Type: text/x-vcard Size: 302 bytes Desc: not available Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20071030/2a67e968/attachment.vcf -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3525 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20071030/2a67e968/attachment.bin
