Is the SSL certificate self signed or is it issued by a valid Root?
* May help to see the content of the certificate to see what extensions and key usage of the certificate your attempting to use. David M. Partridge From: Rich Megginson [mailto:[email protected]] Sent: Tuesday, September 20, 2011 10:06 AM To: Chris Ober; [email protected] Subject: Re: [389-users] SSL Error on Startup On 09/20/2011 07:45 AM, Chris Ober wrote: Rich, I've read that, and I believe I've followed the steps shown there, but it doesn't solve my problem. let's start with perms/ownership ls -al /etc/dirsrv/slapd-instance grep nsslapd-localuser /etc/dirsrv/slapd-instance/dse.ldif see what the server cert name is grep -i personality /etc/dirsrv/slapd-instance/dse.ldif next, look at certutil certutil -d /etc/dirsrv/slapd-instance -L certutil -d /etc/dirsrv/slapd-instance -L -n "name of CA cert" certutil -d /etc/dirsrv/slapd-instance -L -n "name of server cert" ~Chris On 9/19/11 2:47 PM, Rich Megginson wrote: On 09/19/2011 12:26 PM, Chris M. Ober wrote: Hello all, I've installed 389 to replace an ancient server that is on its last legs. I got everything configured and working, until just now. I generated and signed ssl keys to use ldaps, and it seemed to accept everything. It told me to restart the service, which it wouldn't allow me to do from the console. From the command line `service dirsrv restart` gave me an error I can't figure out. The error is: <?ae=PreFormAction&a=Forward&t=IPM.Note&id=RgAAAAAddcPi7ODVRL%2bRKLFJpZ86BwCjUgqOSZifQqfpcvM7EMjGAAAAkkLWAACjUgqOSZifQqfpcvM7EMjGAAAO0Wg%2fAAAJ&pspid=_1316456764395_268663948#> [root@ceto2 ~]# service dirsrv start Starting dirsrv: ceto2...[19/Sep/2011:14:07:19 -0400] - SSL alert: Security Initialization: Unable to authenticate (Netscape Portable Runtime error -8192 - An I/O error occurred during security authorization.) [19/Sep/2011:14:07:19 -0400] - ERROR: SSL Initialization Failed. [FAILED] *** Warning: 1 instance(s) failed to start I haven't been able to find anything on google to help me solve this. Any idea what is going wrong? http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#SecureConnections Thank you, Chris -- 389 users mailing list [email protected]<mailto:[email protected]> https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/389-users
