Re: Problem with AES

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Andreas Kekkou wrote:

Hi Richard,
Nothing has changed. Executing the command you have suggested on both servers I get the same output: 

[root@serverA alias]# ../shared/bin/certutil -L -P slapd-serverA- -d .
serverA-cert                                                 u,u,u
Computer Science Department CA               CT,,

[root@serverB alias]# ../shared/bin/certutil -L -P slapd-serverB- -d .
serverB-cert                                                  u,u,u
Computer Science Department CA                CT,,

Is there anything else I have to check?

grep -i personality /opt/fedora-ds/slapd-instancename/config/dse.ldif

The personality name should match with the server cert name in your certdb.


Cheers.

Andreas

Richard Megginson wrote:

Andreas Kekkou wrote:

Hi all,
I'm running FDS in multi-master mode with two servers. Both servers are configured with TLS support. One of the servers logs the following error:
[25/Oct/2007:08:50:55 +0300] - attrcrypt_unwrap_key: failed to unwrap key for cipher AES [25/Oct/2007:08:50:55 +0300] - Failed to retrieve key for cipher AES in attrcrypt_cipher_init [25/Oct/2007:08:50:55 +0300] - Failed to initialize cipher AES in attrcrypt_init [25/Oct/2007:08:50:55 +0300] - attrcrypt_unwrap_key: failed to unwrap key for cipher AES [25/Oct/2007:08:50:55 +0300] - Failed to retrieve key for cipher AES in attrcrypt_cipher_init [25/Oct/2007:08:50:55 +0300] - Failed to initialize cipher AES in attrcrypt_init [25/Oct/2007:08:50:57 +0300] - slapd started. Listening on All Interfaces port 389 for LDAP requests [25/Oct/2007:08:50:57 +0300] - Listening on All Interfaces port 636 for LDAPS requests
Both servers seems to work just fine. Any ideas how this can be resolved?
Has your SSL/TLS configuration changed at all? Have you acquired a new cert or renewed an existing cert? 
cd /opt/fedora-ds/alias
../shared/bin/certutil -L -P slapd-instance- -d .


Thanks,

Andreas
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


------------------------------------------------------------------------

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

<<attachment: smime.p7s>>

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux