Yes. If the cert and key are in PEM format, use openssl to create a PKCS12 (.p12) file. Then use pk12util to import the certificate into a NSS certificate database (cert9.db,key4.db). -----Original Message----- From: Fernando Fuentes <ffuentes@xxxxxxxxxxx> Sent: Wednesday, August 21, 2019 7:26 PM To: 389-users@xxxxxxxxxxxxxxxxxxxxxxx Subject: [389-users] Re: SSL on console I think I found my problem. The server does not like the certificate because it was not generated inside fedora389 and it does not hold the key. 300 Dollars wasted... Before I called this one the quits... Is there a way to import a key and cert generated at the OS level and not inside Fedora389? Thanks! On 8/21/19 8:16 PM, Fernando Fuentes wrote: > By the way I follow thsi steps and I had no success. > https://access.redhat.com/documentation/en-us/red_hat_directory_server > /9.0/html/administration_guide/managing_ssl > > > It wont allow me to enable it because there is no certificate for the > console. Funny part is that the instructions say to only import a CA > > On 8/21/19 5:45 PM, Fernando Fuentes wrote: >> Hello all. >> >> I have configured SSL to my dirsrv and works just fine but when I try >> to configure the ssl portion for the console, Under Admin Server -> >> Encryption... I cant find my CA there. How can import it for the >> Admin console? >> >> Using Fedore389 Admin Server 1.1.46 >> >> TIA! >> _______________________________________________ >> 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To >> unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: >> https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/389-users@lists.fedorap >> roject.org > _______________________________________________ > 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To > unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/389-users@lists.fedorapr > oject.org _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. _______________________________________________ 389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
