>>> What's not necessary? Note that the admin server and directory server >>> have separate cert databases. Also note that the NSS crypto team is >>> working towards a unified system-wide cert db. >>> >> >> That could have been more clear, I meant that a lack of certs in the Admin Server db should not cause an error when trying to access cert information in the >directory server db. But as I said that is from 10 000 feet viewpoint. >> >The SSL client must have a CA cert. In this case, the SSL client is the >Admin Server, and the SSL server is the configuration directory server >(the directory server that holds o=NetscapeRoot). When the "Use SSL in >Console" is selected, the console and admin server will use SSL to >contact the configuration DS. Just to clarify this. Do I only need the CA cert in the /etc/dirsrv/admin-serv/ cert database or do I need the server CA in there as well. If so I could for all intents and purposes copy /etc/dirsrv/slapd-testserver/*.db to /etc/dirsrv/admin-serv/ ? Also I am not sure where the certdb password for /etc/dirsrv/admin-serv/ is stored? Regards ________________________________________________________________________ In order to protect our email recipients, Betfair Group use SkyScan from MessageLabs to scan all Incoming and Outgoing mail for viruses. ________________________________________________________________________ -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
