[389-users] Re: SSL on console

2019-08-22 Thread Fernando Fuentes
So I finally got it to take by doing the following: [root@hypersouth ~]# openssl pkcs12 -export -out hypersouth-net.p12 -inkey /etc/pki/tls/private/hypersouth_auth-2019.key -in /etc/pki/tls/certs/hypersouth.aasteel.net.pem -certfile /etc/pki/ca-trust/source/anchors/RapidSSLCA.crt Enter pass

[389-users] Re: SSL on console

2019-08-22 Thread Fernando Fuentes
I caught my mistake and corrected but now I get: [root@hypersouth SSL]# pk12util -i hypersouth-net.p12 -d /etc/dirsrv/slapd-hypersouth/ -W password Enter Password or Pin for "NSS Certificate DB": pk12util: PKCS12 decode not verified: SEC_ERROR_BAD_PASSWORD: The security password entered is

[389-users] Re: SSL on console

2019-08-22 Thread Fernando Fuentes
Marc, Here is what I get: [root@hypersouth SSL]# pk12util -i hypersouth-net.p12 /etc/dirsrv/slapd-hypersouth/ -W password pk12util: function failed: SEC_ERROR_LEGACY_DATABASE: The certificate/key database is in an old, unsupported format. [root@hypersouth SSL]# Regards, Fernando Fuentes

[389-users] Re: SSL on console

2019-08-22 Thread Fernando Fuentes
Marc, Thank you! I will report back soon. Regards, Fernando Fuentes Supervisor & Senior Systems Administrator Email: ffuen...@aasteel.com American Alloy Steel, Inc. Houston, Texas Website: http://www.aasteel.com Phone: 713-744-4222 Fax: 713-300-5688 On 8/22/19 2:31 AM, Marc Muehlfeld

[389-users] Re: SSL on console

2019-08-22 Thread Marc Muehlfeld
Hi Fernando, On 8/22/19 5:21 AM, Fernando Fuentes wrote: Is there a how to for this procedure? ## Convert to PKCS#12: # openssl pkcs12 -export -out demo.p12 -inkey pki/private/demo.example.com.key -in pki/issued/demo.example.com.crt Enter pass phrase for pki/private/demo.example.com.key:

[389-users] Re: SSL on console

2019-08-21 Thread Fernando Fuentes
use pk12util to import the certificate into a NSS >certificate database (cert9.db,key4.db). > > >-Original Message- >From: Fernando Fuentes >Sent: Wednesday, August 21, 2019 7:26 PM >To: 389-users@lists.fedoraproject.org >Subject: [389-users] Re: SSL on console > >

[389-users] Re: SSL on console

2019-08-21 Thread Vandenburgh, Steve Y
@lists.fedoraproject.org Subject: [389-users] Re: SSL on console I think I found my problem. The server does not like the certificate because it was not generated inside fedora389 and it does not hold the key. 300 Dollars wasted... Before I called this one the quits... Is there a way to import

[389-users] Re: SSL on console

2019-08-21 Thread Fernando Fuentes
I think I found my problem. The server does not like the certificate because it was not generated inside fedora389 and it does not hold the key. 300 Dollars wasted... Before I called this one the quits... Is there a way to import a key and cert generated at the OS level and not inside

[389-users] Re: SSL on console

2019-08-21 Thread Fernando Fuentes
By the way I follow thsi steps and I had no success. https://access.redhat.com/documentation/en-us/red_hat_directory_server/9.0/html/administration_guide/managing_ssl It wont allow me to enable it because there is no certificate for the console. Funny part is that the instructions say to only