Hi guru,
i have a problem with
enabling SSL in my Fedora Directory Server. I already searched
with
google and I have found other people that have same problem but,
following the instructions, I cannot resolve my problem (maybe
my
problem has a different source).
I start by saing that in the past
I have enabled SSL on FDS 1.2.5 succesfully, but with FDS 1.2.12
rc2
I cannot.
I'm assuming you mean 1.2.10.rc2 - Don't use rc2 - use 1.2.10.3
which is in updates-testing
On my Fedora 16, with kernel
3.2.7-1, I installed FDS
1.2.12rc2. Then, I created a request for the Directory Server
(using
Manage Certificates). During this operation, I inserted the FQDN
in
Server Name field and I completed other field (Organization,
State,
etc). Then I exported the request and, using a my self-signed
CA, I
created a cert for the server. I imported server and CA certs
succesfully. In the Certification Path tab of server cert, I can
see
the correct chain (server and ca certs). But when I enable SSL
for my
server (with Encryption tab) and I restart my server, it cannot
start
correctly and give me this error:
SSL alert: Security Initialization: Unable to authenticate (Netscape Portable Runtime error -8192 - An I/O error occurred during security authorization.)
ERROR: SSL Initialization Failed.
But if I create a key and cert with openssl for my server (then
not
creating the request and sign it, but creating the cert directly
with
openssl), I export the cert in p12 format and I import it with
certutil utility, it works fine: I can enable SSL and I can
restart
my server without any problem.
Then, I thing that I wrong to insert
the information during generation request. Can you help me?
You should also use 389-admin-1.1.27 from updates-testing - there
was a similar bug fixed in 389-admin