Attached is the error I get when the login fails. Thanks. Richard Megginson wrote:
FDS User wrote:This is the likely culprit. Shut down the admin server, then chown nobody:nobody local.conf, then restart.Below is the ls and grep output. [root@ldap slapd-ldap]# ls -al /opt/fedora-ds/alias <snip> looks ok [root@ldap slapd-ldap]# ls -al /opt/fedora-ds/admin-serv/config total 84 drwxr-xr-x 2 nobody nobody 4096 May 9 10:31 . drwxr-xr-x 8 root root 4096 May 9 10:32 .. -rw------- 1 nobody nobody 544 May 10 13:17 adm.conf -rw------- 1 nobody nobody 39 May 7 18:28 admpw -rw------- 1 root root 4598 May 7 18:28 admserv.conf -rw------- 1 nobody nobody 3702 May 10 13:17 console.conf -rw------- 1 root root 26784 May 7 18:28 httpd.conf -rw-r--r-- 1 root root 19233 May 7 18:28 local.conf-r-------- 1 nobody nobody 4604 May 7 18:29 nss.conf[root@ldap slapd-ldap]# grep NSS /opt/fedora-ds/admin-serv/config/console.confNSSEngine on NSSNickname server-cert # The NSS security database directory that holds the certificates and NSSCertificateDatabase /opt/fedora-ds/alias NSSDBPrefix admin-serv-ldap-NSSCipherSuite +des,+rc2export,+rc4export,+desede3,+rc4,+rc2,+rsa_rc2_40_md5,+rsa_rc4_128_md5,+rsa_3des_sha,+rsa_rc4_40_md5,+fips_des_sha,+fips_3des_sha,+rsa_des_sha,-rsa_null_md5NSSVerifyClient none Richard Megginson wrote:FDS User wrote:Hi,I am getting "PSET failure: PSET attribute creation or local cache update failed" when I try to enable SSL for admin server using the encryption tab. I have used it in the past without issues and now for some reason I get this error after doing a re-install of fds.I used the SSL script from the fds site to generate the certs. Admin server log has this error:[error] SSL Library Error: -12271 SSL client cannot verify your certificateAny help is highly appreciated.ls -al /opt/fedora-ds/alias ls -al /opt/fedora-ds/admin-serv/config grep NSS /opt/fedora-ds/admin-serv/config/console.conf------------------------------------------------------------------------Thanks. -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
adminconsole.pdf
Description: Adobe PDF document
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
