HI i have installed ssl certificate from bellow script https://github.com/richm/scripts/blob/master/setupssl2.sh
it went fine. but I dont understand, how will i create Certificate file for the clients.
according to documentation : http://directory.fedoraproject.org/wiki/Howto:SSL#Configure_LDAP_clients i need to expoert CA cert from ASCII which is cacert.asc , but dont understand how will i do that
I have cacert.asc in /etc/dirsrv/slapd-instance directory but dont know how to export cert file into client
/etc/openldap/cacerts/
I am trying this from last couple of day. can any one please help me .
Well back in centos/redhat/fedora directory server this could be done like this:
First you should check what certificates names you have in certutil database. In slapd directory type:
certutil -d . -L
this should show you all certificates in database (server certificates aswell). Usualy CA certs are named soo you could recognize them.
Now you need to chose the CA certificate from the list and use it in this command:
certutil -d . -L -n "THE_NAME_OF_YOU_CA_CERT_HERE" -a > /root/ds-ca.crt
I did not use much 389 but i think this should work on 389 as well as on el5 distros where I've tested this way of exporting certs.
Rest of atricle should be clear now. Remember to enable ssl/tls or starttls on 389.
Good luck Grzegorz
2012/7/27 fosiul alam expertalert@gmail.com
HI i have installed ssl certificate from bellow script https://github.com/richm/scripts/blob/master/setupssl2.sh
it went fine. but I dont understand, how will i create Certificate file for the clients.
according to documentation : http://directory.fedoraproject.org/wiki/Howto:SSL#Configure_LDAP_clients i need to expoert CA cert from ASCII which is cacert.asc , but dont understand how will i do that
I have cacert.asc in /etc/dirsrv/slapd-instance directory but dont know how to export cert file into client
/etc/openldap/cacerts/
I am trying this from last couple of day. can any one please help me .
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org