Aaron Hagopian wrote: > Been using passwordless cert the whole time. This worked fine until I > upgraded to 1.2.6 final. I suppose it is possible that something happened during the upgrade to reset the password. Try using the modutil command - see modutil -H for details - modutil -dbdir /etc/dirsrv/slapd-barfolomew -changepw "NSS Certificate DB" > > On Thu, Sep 16, 2010 at 1:14 PM, Rich Megginson <rmeggins at redhat.com > <mailto:rmeggins at redhat.com>> wrote: > > Aaron Hagopian wrote: > > > > > > grep nsslapd-localuser /etc/dirsrv/slapd-instance/dse.ldif > > > > > > nsslapd-localuser: nobody > > > > ls -al /etc/dirsrv/slapd-instance > > > > > > [root at barfolomew slapd-barfolomew]# ls -al > /etc/dirsrv/slapd-barfolomew > > total 364 > > drwxrwx---. 3 nobody nobody 4096 Sep 16 07:46 . > > drwxrwxr-x. 8 root nobody 4096 Sep 15 10:20 .. > > -rw-rw----. 1 nobody nobody 65536 Sep 16 07:44 cert8.db > > -r--r-----. 1 nobody nobody 3595 Sep 15 10:20 certmap.conf > > -rw-------. 1 nobody nobody 70422 Sep 16 07:44 dse.ldif > > -rw-------. 1 nobody nobody 70422 Sep 16 07:44 dse.ldif.bak > > -rw-------. 1 nobody nobody 69463 Sep 15 17:32 dse.ldif.startOK > > -r--r-----. 1 nobody nobody 31234 Sep 15 10:20 dse_original.ldif > > -rw-rw----. 1 nobody nobody 16384 Sep 16 07:44 key3.db > > drwxrwx---. 2 nobody nobody 4096 Sep 16 07:46 schema > > -rw-rw----. 1 nobody nobody 16384 Sep 15 10:11 secmod.db > > -r--r-----. 1 nobody nobody 5366 Sep 15 10:20 slapd-collations.conf > There is no pin.txt file in there, and the error message indicates a > failure to authenticate, which is usually password/pin related. > http://www.redhat.com/docs/manuals/dir-server/8.2/admin/html/Managing_SSL.html#Starting_the_Server_with_SSL_Enabled-Creating_a_Password_File > > > > > > > > try /usr/lib64/dirsrv/slapd-instance/start-slapd -d 1 > > > > > > Here's the ending of the errors log file, and attached is the > whole thing: > > > > [16/Sep/2010:07:49:51 -0500] - => send_ldap_search_entry > > (cn=encryption,cn=config) > > > > [16/Sep/2010:07:49:51 -0500] - <= send_ldap_search_entry > > > > [16/Sep/2010:07:49:51 -0500] - => send_ldap_result 0:: > > > > [16/Sep/2010:07:49:52 -0500] - <= send_ldap_result > > > > [16/Sep/2010:07:49:52 -0500] - => slapi_reslimit_get_integer_limit() > > conn=0x0, handle=-1 > > > > [16/Sep/2010:07:49:52 -0500] - <= slapi_reslimit_get_integer_limit() > > returning NO VALUE > > > > [16/Sep/2010:07:49:52 -0500] - => slapi_reslimit_get_integer_limit() > > conn=0x0, handle=-1 > > > > [16/Sep/2010:07:49:52 -0500] - <= slapi_reslimit_get_integer_limit() > > returning NO VALUE > > > > [16/Sep/2010:07:49:52 -0500] - => compute_limits: sizelimit=-1, > > timelimit=-1 > > > > [16/Sep/2010:07:49:52 -0500] - => send_ldap_search_entry > > (cn=RSA,cn=encryption,cn=config) > > > > [16/Sep/2010:07:49:52 -0500] - <= send_ldap_search_entry > > > > [16/Sep/2010:07:49:52 -0500] - => send_ldap_result 0:: > > > > [16/Sep/2010:07:49:52 -0500] - <= send_ldap_result > > > > [16/Sep/2010:07:49:52 -0500] - => slapi_reslimit_get_integer_limit() > > conn=0x0, handle=-1 > > > > [16/Sep/2010:07:49:52 -0500] - <= slapi_reslimit_get_integer_limit() > > returning NO VALUE > > > > [16/Sep/2010:07:49:52 -0500] - => slapi_reslimit_get_integer_limit() > > conn=0x0, handle=-1 > > > > [16/Sep/2010:07:49:52 -0500] - <= slapi_reslimit_get_integer_limit() > > returning NO VALUE > > > > [16/Sep/2010:07:49:52 -0500] - => compute_limits: sizelimit=-1, > > timelimit=-1 > > > > [16/Sep/2010:07:49:52 -0500] - => send_ldap_search_entry > > (cn=RSA,cn=encryption,cn=config) > > > > [16/Sep/2010:07:49:52 -0500] - <= send_ldap_search_entry > > > > [16/Sep/2010:07:49:52 -0500] - => send_ldap_result 0:: > > > > [16/Sep/2010:07:49:52 -0500] - <= send_ldap_result > > > > [16/Sep/2010:07:49:52 -0500] - SSL alert: Security Initialization: > > Unable to authenticate (Netscape Portable Runtime error -8192 - > An I/O > > error occurred during security authorization.) > > [16/Sep/2010:07:49:53 -0500] - ERROR: SSL Initialization Failed. > > > > > > > ------------------------------------------------------------------------ > > > > -- > > 389 users mailing list > > 389-users at lists.fedoraproject.org > <mailto:389-users at lists.fedoraproject.org> > > https://admin.fedoraproject.org/mailman/listinfo/389-users > > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > <mailto:389-users at lists.fedoraproject.org> > https://admin.fedoraproject.org/mailman/listinfo/389-users > > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users
