SSL failure

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I want to import a personal cert generated lik this :
* /usr/bin/openssl x509 -extfile .cfg -days 365 -CAserial ca.ser -CA ca.crt -CAkey ca.key -in toutou.csr -req -out toutou.crt
I make a PKCS12 export :
* /usr/bin/openssl pkcs12 -export -in toutou.crt -inkey toutou.key -certfile ca.crt -name "toutou" -caname "toutou" -out toutou.p12
I introduce it in FDS db :
* pk12util -d /etc/dirsrv/slapd-ldapnew -n "toutou" -i toutou.p12
I check import :
* certutil -L -d /etc/dirsrv/slapd-ldapnew

I configure FDS ti user SSL encryption with management console, and restart it.
It fails with error :

[27/Feb/2009:13:59:17 +0100] - SSL alert: CERT_VerifyCertificateNow: verify certificate failed for cert toutou of family cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8101 - Certificate type not approved for application.)
[27/Feb/2009:13:59:17 +0100] - SSL failure: None of the cipher are valid

What's wrong ?
Is there any special option to give to openssl for generating cert ?

BR,

--
==========================================
Emmanuel BILLOT
IRD - Orléans
Délégation aux Systèmes d'Information (DSI)
tél : 02 38 49 95 88
==========================================

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux