Steven Jones wrote: > Errors while following, > > http://directory.fedoraproject.org/wiki/Howto:SSL > > # ../shared/bin/certutil -S -n "CA certificate" -s \ > >> "cn=CAcert" -x -t "CT,," -m 1000 -v 120 -d . -z noise.txt -f \ >> pwdfile.txt >> > > > Generating key. This may take a few moments... > > certutil-bin: could not obtain certificate from file: DER-encoded > message contained extra unused data. > I've never seen this error message before. I'm not sure what it means. Do you have a cert8.db and a key3.db in this directory? They should have been created by a previous step. > Does this mean anything? > > Followed by this error, > > [root at vuwunicvfdsm001 alias]# ../shared/bin/certutil -S -n "Server-Cert" > -s\ > >> "cn=vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v \ >> 120 -d . -z noise.txt -f pwdfile.txt >> > > > Generating key. This may take a few moments... > > certutil-bin: could not find certificate named "CA certificate": > security library: bad database. > certutil-bin: unable to create cert (security library: bad database.) > [root at vuwunicvfdsm001 alias]# > > Does this mean anything? > It means the previous step failed, and you cannot continue until it is resolved. > The contents of alias/ are, > > [root at vuwunicvfdsm001 alias]# ls -l > total 608 > -rw------- 1 nobody nobody 65536 Sep 14 09:27 > admin-serv-vuwunicvfdsm001-cert8.db > -rw------- 1 nobody nobody 16384 Sep 14 09:27 > admin-serv-vuwunicvfdsm001-key3.db > -rw------- 1 root root 65536 Sep 14 09:46 cert8.db > -rw------- 1 root root 16384 Sep 14 09:46 key3.db > -rwxr-xr-x 1 nobody nobody 239744 Nov 8 2006 libnssckbi.so > -rw-r--r-- 1 nobody nobody 62 Sep 14 09:44 noise.txt > -rw------- 1 nobody nobody 65536 Sep 13 15:43 > orig-slapd-vuwunicvfdsm001-cert8.db > -rw------- 1 nobody nobody 16384 Sep 13 15:43 > orig-slapd-vuwunicvfdsm001-key3.db > -rw-r--r-- 1 nobody nobody 9 Sep 13 15:43 pwdfile.txt > -rw------- 1 nobody nobody 16384 Sep 13 15:33 secmod.db > -rw------- 1 nobody nobody 65536 Sep 13 15:33 > slapd-vuwunicvfdsm001-cert8.db > -rw------- 1 nobody nobody 16384 Sep 14 09:29 > slapd-vuwunicvfdsm001-key3.db > -rw-r----- 1 nobody nobody 416 Sep 14 09:27 tempcert > -rw-r----- 1 nobody nobody 345 Sep 14 09:27 tempcertreq > > It is possible that since I generated some keys earlier there is some > "residue" that needs removing? > That's possible. Did you already have a CA certificate? > Secmod.db? > Generated automatically by NSS if it doesn't exist. > Tempcert? > Tempcertreq? > Not sure what these are. > Regards > > Steven > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20070913/3a8d13f9/attachment.bin
