% openssl pkcs12 -export -in cert.pem -inkey key.pem -out cert.p12 -name \"Server-Cert\" -passout pass:foo
You can then import that into your database with something like: % pk12util -i cert.p12 -d <server-root>/alias -P slapd-YOURHOST- -W fooReplace <server-root> with the path to your DS install, probably /opt/fedora-ds. Check the alias directory to see what the value of YOURHOST should be. Note that the trailing dash is important.
rob Rich Megginson wrote:
You need to get your CA to export your key/cert data in pkcs12 (.p12) format, then use the FDS pk12util to import both the key and cert.Kevin M. Myer wrote:Hello,I would like to use an external application to handle my certificate request(I'm using self-signed certificates - essentially my CA application would generate the request and then sign it, instead of using any of the FDScomponents to generate the request). This process works fine, except thatthere doesn't appear to be an easy way to get the private key for thecertificate into the certificate store. Obviously, if you use the certificate wizard or certutil to generate the request, the key ends up in the store. But if you don't, is there a way to import a key, so that importing a certificate will work? Currently it balks about importing a signed certificate because the private key is missing. I tried combining key and certificate into one file(PEM format) but that didn't help. Kevin------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
