I've been trying for the last 2 days to setup SSL on FDS without any luck and little feedback. Following the Redhat Directory Server 8.0 Administration Guide, Chapter 11, I've tried to install a local certificate both through the console and at the command line using certutil. >From the console going through every step. In step 2 the DN is: CN="ldap1.chip.org", OU="CHIP", O="Childrens Hospital Boston", L="Boston", ST="Massachusetts", C="US" In step 3 I get: Unable to convert DN to certificate name. Using the certutil these commands worked: certutil -N -d . -f pwdfile -P slapd-ldap1 certutil -S -n "CA certificate" -s "cn=Childrens Hospital Informatics Program, dc=chip, dc=org" -x -t "CT,," -m 1000 -v 120 -d . -k rsa -g 1024 -f pwdfile -P slapd-ldap1 certutil -S -n "Server-Cert" -s "cn=ldap1.chip.org,cn=DS1" -c "CA certificate" -t "u,u,u" -m 1001 -v 120 -d . -k rsa -g 1024 -f ./pwdfile -P slapd-ldap1 certutil -d . -L -n "CA certificate" -a > cacert.asc -P slapd-ldap1 Using the pk12util failed pk12util -d . -o ldap1.p12 -n Server-Cert1 -w ./pwdfile.txt -k ./pwdfile.txt The error is: pk12util: find user certs from nickname failed: security library: bad database. I've run these 2 programs multiple times and googled to no avail. Could anyone help with this? Tom McManus System Manager II Research Computing Children's Hospital Boston 300 Longfellow Ave., Enders 146.1 Boston MA 02115 Office: 617 919 2308 Mobile: 617 997 2665 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20081202/6434369e/attachment.html
