Thomas Cameron wrote: > Howdy - > > Posting this to the list just because Google searches didn't tell me. > Very possible I was asking the wrong question, but here's what I was > searching for. > > How do you disable SSL at startup for Fedora Directory Server (389)? > > In /etc/dirsrv/slapd-[hostname]/dse.ldif, change the line: > > nsslapd-security: on > > to: > > nsslapd-security: off > > Back story: I was messing about with SSL certificates and I did > something wrong. Not sure what yet, but since my cert was borked, > after I installed it, 389 wouldn't start. Since the LDAP server > wouldn't start, the admin server wouldn't allow me to log in. I was > kind of screwed. > > Once I set the LDAP server to start without SSL, I was able to log in > and now I can (hopefully) figure out what I did wrong with the > certificate. > > The error I was getting was: > > /var/log/dirsrv/slapd-e510/errors:[24/Apr/2010:18:12:30 -0500] - SSL > alert: CERT_VerifyCertificateNow: verify certificate failed for cert > e510 server-cert of family cn=RSA,cn=encryption,cn=config (Netscape > Portable Runtime error -8179 - Peer's Certificate issuer is not > recognized.) > How did you generate the server cert 'e510 server-cert' ? Did you import the CA cert of the CA that issued this cert? > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
