Hi,

Setup:
Fedora 15 x64
* 389-admin-1.1.23-1.fc15.x86_64
* 389-admin-console-1.1.8-1.fc15.noarch
* 389-admin-console-doc-1.1.8-1.fc15.noarch
* 389-adminutil-1.1.14-1.fc15.x86_64
* 389-console-1.1.7-1.fc15.noarch
* 389-ds-1.2.2-1.fc15.noarch
* 389-ds-base-1.2.9.10-2.fc15.x86_64
* 389-ds-base-libs-1.2.9.10-2.fc15.x86_64
* 389-ds-console-1.2.6-1.fc15.noarch
* 389-ds-console-doc-1.2.6-1.fc15.noarch
* 389-dsgw-1.1.7-2.fc15.x86_64

Disclaimer:
I'm pretty new to 389 Directory Server so this might be a simple question. 

Goal: 
I am attempting to install a CA & server certificate, which I have signed by my 
own openssl CA. 

My Steps:
After using the 389 Console to generate my certificate request, I was then able 
to sign it with my openssl CA and install the cert (plus CA cert) into the 389 
Directory Server without issue. I then chose the
- "Enable SSL for this server" option and selected the security device and 
server cert "server-crt2".
- I checked the CA cert and it showed that there were no broken links in the 
certification paths. 

Issue: 
After restarting Directory Server, I was surprised to see the following error:
-----------------------------------------------------------------------------------------
[04/Oct/2011:17:39:09 +1100] - SSL alert: Security Initialization: Can't find 
certificate (server-cert2) for family cn=RSA,cn=encryption,cn=config (Netscape 
Portable Runtime error -8174 - security library: bad database.)
[04/Oct/2011:17:39:09 +1100] - SSL alert: Security Initialization: Unable to 
retrieve private key for cert server-cert2 of family 
cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8174 - 
security library: bad database.)
[04/Oct/2011:17:39:09 +1100] - SSL failure: None of the cipher are valid
[04/Oct/2011:17:39:09 +1100] - ERROR: SSL Initialization phase 2 Failed.
-----------------------------------------------------------------------------------------


I feel like I must be missing something pretty obvious, any suggestions?

cya

Craig
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
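
A check for the failure these log lines report, as an added example that is not part of the original post: it extracts the certificate nickname the server asked for from the error log and compares it with the nicknames in a `certutil -L` listing. The log lines are from the post; the `certutil -L` listing is constructed, and assumes the database holds the nickname quoted in the post's steps plus a CA entry.

```python
import re
from difflib import get_close_matches

# Error-log lines copied from the post (each re-joined onto one line).
ERROR_LOG = """\
[04/Oct/2011:17:39:09 +1100] - SSL alert: Security Initialization: Can't find certificate (server-cert2) for family cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8174 - security library: bad database.)
[04/Oct/2011:17:39:09 +1100] - SSL alert: Security Initialization: Unable to retrieve private key for cert server-cert2 of family cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8174 - security library: bad database.)
"""

# Constructed `certutil -L -d <instance cert dir>` listing (assumption): it
# holds the nickname quoted in the post's steps plus a CA entry.
CERTUTIL_L = """\
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

CA certificate                                               CT,,
server-crt2                                                  u,u,u
"""

# Nickname and config family from the "Can't find certificate" alert.
MISSING = re.compile(r"Can't find certificate \((.+?)\) for family (\S+)")
# A listing row: nickname, two or more spaces, three comma-separated trust fields.
ENTRY = re.compile(r"^(\S.*?)\s{2,}([A-Za-z]*,[A-Za-z]*,[A-Za-z]*)\s*$")


def nicknames(certutil_output):
    """Map each nickname in a `certutil -L` listing to its trust flags."""
    found = {}
    for line in certutil_output.splitlines():
        m = ENTRY.match(line)
        if m:
            found[m.group(1)] = m.group(2)
    return found


def diagnose(error_log, certutil_output):
    """Return (requested, family, in_db, closest_nickname) per failed lookup."""
    db = nicknames(certutil_output)
    results = []
    for requested, family in MISSING.findall(error_log):
        near = get_close_matches(requested, list(db), n=1, cutoff=0.8)
        results.append((requested, family, requested in db, near[0] if near else None))
    return results


if __name__ == "__main__":
    for requested, family, in_db, near in diagnose(ERROR_LOG, CERTUTIL_L):
        print(f"{family}: wants {requested!r}, in database: {in_db}, closest: {near!r}")
```

The nickname the server looks up is the `nsSSLPersonalitySSL` value of the `cn=RSA,cn=encryption,cn=config` entry, so that value and the `certutil -L` nickname have to match exactly.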
