Re: simple ssl replication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Richard Megginson wrote:

Susan wrote:


--- Richard Megginson <rmeggins@xxxxxxxxxx> wrote:
susan:
"CT,," -a -i cnjldap01.cert.asc certutil: could not obtain certificate from file: You are attempting to import a cert with the 
same issuer/serial as an existing cert, but that is not the same cert.
What do you think? Both the supplier's and the consumer's CA certs were created with identical 
password/noise files.  Is that a problem?




It seems that you already have the CA cert in the consumer cert db.
well, I recreated the cert DB on the supplier and the consumer, using different passwords and noise files and it worked fine after that. I guess identical passwords/noise produce identical 
certs and that's not allowed.
No, that should be ok - are you sure you gave each cert a unique serial number?
Really all you need to do is generate a single CA certificate and use that to sign both the supplier and consumer certificates. Each server doesn't need its own CA. 

rob

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux