Alex wrote:
The problem with using the script is that, if you run it from a completely clean install, it will create a brand new CA cert. I think the script may be able to detect if you already have a CA cert.

Of course! Each server will have its own certificate.

OK, you have servers A & B.

Answer to Richard too... OK, I tried, on my virtual... I ran all the commands as you know, both in nodo1 and nodo2... Now both have SSL enabled, but if I try to import the CA certificate from nodo1 to nodo2:

    ../shared/bin/certutil -A -d . -P slapd-nodo2- -n "CA certificate" -t "CT,," -a -i cacert.asc

It says:

    Certutil-bin: could not obtain certificate from file: You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert

Plus... as suggested by Susan, I ran /usr/bin/ldapsearch -ZZ -h nodo1.... And it reports:

    Ldap_start_tls: Connect error (-11) additional info: Start TLS request accepted.Server willing to negotiate SSL.

Alex

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users