On Thu, 2005-12-08 at 19:11 -0700, Richard Megginson wrote: > Craig White wrote: > >>> > >>You will get this error if you try to use startTLS but the server is not > >>configured for security, which brings us back to your earlier problem . . . > >>What are the first few lines of slapd-srv1/logs/errors? > >> > >> > >---- > >you are right on the money but I don't know why. > > > >nsslapd-security: on # in /opt/fedora-ds/slapd-srv1/config/dse.ldif > > > >then 'service fds restart' will absolutely hang and never start up. > > > >if it equals 'off' then obviously slapd will start up. > > > >recent efforts which include the 'hang' effect show nothing > >in /opt/fedora-ds/slapd-srv1/logs/error but the one time that I > >restarted the server from the console, it did show this... > > > >[08/Dec/2005:15:22:57 -0700] - SSL alert: Security Initialization: > >Unable to authenticate (Netscape Portable Runtime error -8177 - The > >security password entered is incorrect.) > >[08/Dec/2005:15:22:57 -0700] - ERROR: SSL Initialization Failed. > > > > > Darn it. That's right. With SSL enabled, you must start the server > from the console, in order to provide the pin for the key/cert db. > > If you want to do unattended server restarts, you have to purchase a > PKCS11 Hardware Security Module or create a slapd-svr1-pin.txt file in > the proper format with the cleartext password in it. ---- OK - important detail slapd-srv1-pin.txt does that go in /opt/fedora-ds/alias ? /opt/fedora-ds/slapd-srv1 ? Thanks Craig -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
