> However, be mindful that the if you use attribute encryption, this > value is stored in the key3.db, and replacement of this file WILL > destroy your access to your own database! IE if you plan to use this > strategy, you MUST NOT use attribute encryption at the same time. > I'll take that into account. > A better process could be to have a systemd drop in file that on > "start" takes .PEM files and turns them into the nss db, OR loads > them into the existing NSS db. This would be useful upstream too, so > maybe that's a better strategy, and of course, tools for PEM > management are much better from a sys admin view. Would this be a > cleaner approach do you think? > do you have any docs about this process? I'm not really sure if I understand you when you say "This would be useful upstream too", can you elaborate? abosch _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
