Hello: am trying to understand how the admin certificates work in relation to the directory service ones. So I created the P12 using my PKI and imported the CA chain and certificate using certutil and p12util. Then I went into the Administration console, selected encryption, and chose the certificate I had imported. Next created the password.conf and updated nss.conf. Finally restarted dirsrv-admin which worked fine. Attempted to connect and it failed. In the error log I see: "[Tue Jan 12 20:07:37.248469 2016] [:error] [pid 3516:tid 140704929720384] Misconfiguration of certificate's CN and virtual name. The certificate CN has ldap01admin.testlab.local. We expected ldap01.testlab.local as virtual name." So if I create a certificate called ldap01.testlab.local how do I then create the same CN for the directory service itself ?!? Thanks, Phil -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
