Scott Lacy wrote: > > I have a server which has an old and renewed SSL cert on it, but the > server will not start due to the old cert still being on it. I have > not had any success deleting the old cert or setting the server to > start with the new one (if that is configurable). I?ve gone through > the documentation with no success. I guess what I need is a > quick-and-dirty lesson on how to locate the old cert and delete it. > Use the certutil command http://directory.fedoraproject.org/wiki/Howto:SSL has some examples cd /opt/fedora-ds/alias ../shared/bin/certutil -L -d . -P slapd-yourinstancename- Use certutil -H for help certutil -D will delete a cert I would strongly encourage you to make a backup of your expired cert and key first: cd /opt/fedora-ds/alias ../shared/bin/pk12util -d . -P slapd-yourinstancename- -o saved.p12 -n "old cert name" ... Use pk12util -H for help > > Thanks in advance from a sheepish SA? > > ---------------------- > > Scott Lacy > > Unix Systems Manager, Systems and Networks > > Mercer University > > 478 301 5509 > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20081217/aeb4763f/attachment.bin
