Steven Jones wrote:
Hi, A while back I started the get FDS up and going and it appears I made a mistake in the server generation file for the SSl certs, basically I did this, ../shared/bin/certutil -S -n "Server-Cert" -s \ "cn=vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v \ 120 -d . -z noise.txt -f pwdfile.txt When I should have done this, ../shared/bin/certutil -S -n "Server-Cert" -s \ "cn=vuwunicvfdsm001.vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v \ 120 -d . -z noise.txt -f pwdfile.txt So now I am working back through my notes to fix my mistake but at this command, ../shared/bin/certutil -A -d . -P admin-serv-vuwunicvfdsm001- -n "CA certificate" -t "CT,," -a -i cacert.asc I get this error, ======== certutil-bin: could not obtain certificate from file: You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert. [root@vuwunicvfdsm001 alias]# ======== How do I fix this please?
You need to remove the old CA cert first. ../shared/bin/certutil -D -d . -P admin-serv-vuwunicvfdsm001- -n "CA certificate" Then import the new CA cert.
regards Steven Jones Senior Linux/Unix/San/Vmware System Administrator APG -Technology Integration Team Victoria University of Wellington Phone: +64 4 463 6272 -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
