Ski Kacoroski wrote: > Hi, > > I am having problems with SSL setup. First I tried via the admin > console to use our company's star cert, What exactly did you do? Note that if you have an existing server cert+key, you'll have to import that as a pkcs12 file (which contains both the server cert and private key, encrypted). You may also have to import the CA cert if the CA that issued your cert is not chain-able up to one of the NSS default root CAs. > but no matter what [in/password > I picked for the keystore, when I tried to restart the server it would > not accept my pin/password that I had just entered. Did you try setting up a pin.txt file? > I then gave up and > ran the setupssl2.sh script and this worked except that it threw an > error when trying to modify the directory to turn on ssl. What error? > So I went in > via the admin console and was able to turn on ssl for the admin console > and my directory. The problem now is that I cannot stop the server from > the admin console (I can start it ok). I just get a dialog with > "Directory Server nsd-org could not be stopped". run the console with 389-console -D 9 -f console.log - see if there are any clues in the log also check the admin server logs - /var/log/dirsrv/admin-serv > Any ideas on why when > I can start the server ok? Also has any one else made this work with a > star cert? > star (wildcard) certs are not recommended - it is better to use subjectAltName certs - but they should work > cheers, > > ski > >
