Marc,
Thank you!
I will report back soon.
Regards,
Fernando Fuentes
Supervisor & Senior Systems Administrator
Email: ffuentes@xxxxxxxxxxx
American Alloy Steel, Inc.
Houston, Texas
Website: http://www.aasteel.com
Phone: 713-744-4222
Fax: 713-300-5688
On 8/22/19 2:31 AM, Marc Muehlfeld wrote:
Hi Fernando,
On 8/22/19 5:21 AM, Fernando Fuentes wrote:
Is there a how to for this procedure?
## Convert to PKCS#12:
# openssl pkcs12 -export -out demo.p12 -inkey
pki/private/demo.example.com.key -in pki/issued/demo.example.com.crt
Enter pass phrase for pki/private/demo.example.com.key:
Enter Export Password:
Verifying - Enter Export Password:
# Import to DS NSS DB:
# pk12util -i demo.p12 -d /etc/dirsrv/slapd-instance_name/ -W password
Enter Password or Pin for "NSS Certificate DB":
pk12util: no nickname for cert in PKCS12 file.
pk12util: using nickname: demo.example.com
pk12util: PKCS12 IMPORT SUCCESSFUL
## Display the imported cert:
# certutil -d /etc/dirsrv/slapd-instance_name/ -L
Certificate Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
demo.example.com u,u,u
## Display the imported private key:
# certutil -d /etc/dirsrv/slapd-instance_name/ -K
certutil: Checking token "NSS Certificate DB" in slot "NSS User
Private Key and Certificate Services"
Enter Password or Pin for "NSS Certificate DB":
< 0> rsa ec30598b2107c71dd69494d51d7de6ef0e57ffbe demo.example.com
Please let me know if it works, and DS does not complain about it when
you use the key/cert.
Regards,
Marc
_______________________________________________
389-users mailing list -- 389-users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to 389-users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@xxxxxxxxxxxxxxxxxxxxxxx
