Hi,
corresponding
http://directory.fedoraproject.org/wiki/Howto:SSL
your /etc/dirserv/slapd-<inst>/pin.txt file has to contain:
internal:<your-password>
Please check the syntax
Regards
Carsten
----- Ursprüngliche Nachricht -----
Von: "s.varadha rajan" <rajanvaradhu(a)gmail.com>
Datum: Dienstag, 9. August 2011, 11:16
Betreff: Re: [389-users] Existing certificate error
An: "General discussion list for the 389 Directory server project."
<389-users(a)lists.fedoraproject.org>
Hi Niranjan,
Thx for the reply and tried as per your steps.then i made changes in dse.ldif as per
wiki.After that, i restarted then i got the below error,
* Starting 389 Directory Server instances :
[09/Aug/2011:14:41:18 +051800] - SSL alert: Security Initialization: Unable to find slot
Netscape Portable Runtime error -8127 - The security card or token does not exist, needs
to be initialized, or has been removed.)
[09/Aug/2011:14:41:18 +051800] - ERROR: SSL Initialization Failed.
* *** Warning: 1 instance(s) failed to start... [fail]
Any idea further please...
Regards,
Varad
2011/8/8 mallapadi niranjan <niranjan.ashok(a)gmail.com>
On Mon, Aug 8, 2011 at 4:10 PM, s.varadha rajan <rajanvaradhu(a)gmail.com> wrote:
Hi Niranjan,
> Password we have used while creating the certificate, that is not accepting. this is
the problem.
> @Rob,
> We have the certificate in .p12 format and in that all
are integrated. generally if you imported from .p12 everything should work.
> This is where i am struck and still facing the same
issues.
> Regards,> Varad
>
Greetings,
> Does the pkcs12 file has a
password, do you remember the password of the .pk12 file ?
> If so you can try the below
>
Important, please take backup of /etc/dirsrv before attempting and also stop directory
service > #service dirsrv stop
> take the backup of NSS database file in /etc/dirsrv
> $mv *.db /tmp/mybackup
> $cd /etc/dirsrv > Create a new database
$certutila -N -d /etc/dirsrv
> Import the certificates from
pk12 file > $pk12util -d . -i <file-name>-n <nick-name>
> The nick-name is generally "server-cert", You
can verify this by listing the contents from the existing directory
> $certutil -L -d /tmp/mybackup
> You
might have to re-import the CA certificate if required, > $certutil -A -d /etc/dirsrv
-a -i <CA-certificate> -t "TC,,"
> Regards> Niranjan
> On
Fri, Aug 5, 2011 at 7:05 PM, Rob Crittenden <rcritten(a)redhat.com> wrote:
s.varadha rajan wrote:
Hi,
We are planning to configure ssl
enabled Fedora directory server.we have
a proper signed certificate.while importing, it is asking
"Enter the
password to access the Token" ? like that. even though we
have given the
exact password, while creating the certificate but it is not
working.
I referred wiki fedora doc also but getting this error. How to
use
existing certificate and enable secure ldap server.
I have already posted the same
question but nobody is reply
Regards,
Varad
Did you import the cert's
private key too?
rob
> --
389 users mailing list
389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
> --
> 389 users mailing list
389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users