Re: [389-users] SSL Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Chris,

A default database gets created anyway if I remember correctly so no need to recreate it. In my experience it best to do all changes to the cert database before you start the LDAP services. So if you make changes then restart the 389 directory server. You also need to set a password for the service to read the database if you have made the cert database password protected. 

Regards

2011/10/19 Chris Cawley <cawley@xxxxxxxx>

### Starting ldap parts

groupadd -g 10000 ldap

useradd -u 10000 -g 10000 -d /home/ldap ldap

yum install 389-admin

yum install 389-adminutil 389-adminutil-devel \

389-ds-base 389-ds-base-devel 389-ds-base-libs

 

### Take defaults

/usr/sbin/setup-ds-admin.pl

 

chkconfig --levels 2345 dirsrv on

chkconfig --levels 2345 dirsrv-admin on

chkconfig --levels 2345 httpd on

 

### LDAP/SSL

cd /etc/dirsrv/slapd-ldap

certutil -N -d .

certutil -L -d .

 

At some point, the CA Builtin tokens are all gone.

 

-          Chris

From: 389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx [mailto:389-users-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Gerhardus Geldenhuis
Sent: Wednesday, October 19, 2011 8:49 AM
To: General discussion list for the 389 Directory server project.
Subject: Re: [389-users] SSL Question

 

Hi Chris,

Not seen that before could you detail the steps you have taken thus far to get to the point you at now.

 

Regards

2011/10/19 Chris Cawley <cawley@xxxxxxxx>

Hello –

 

We are in the process of setting up SSL on 389 ds; however,

it appears that the CA cert db is empty.  The builtin tokens

are not even loaded.  Any ideas why?

 

-          Thanks

 

 

Chris Cawley

System Administrator

Washington Research Library Consortium

301-390-2049

cawley@xxxxxxxx

 

 


--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users



 

--
Gerhardus Geldenhuis


--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users



--
Gerhardus Geldenhuis
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux