Alex wrote:
The problem with using the script is that, if you run it from a completely clean install, it will create a brand new CA cert. I think the script may be able to detect if you already have a CA cert.of course!each server will have its own certificate. OK, you have servers A & B.Answer to richard too... Ok, i tried..on my virtual....I run all command as you know..both in nodo1 and nodo2... Now..both have ssl enabled....but if I try to import CA certificate from nodo1 to nodo2 : ../shared/bin/certutil -A -d . -P slapd-nodo2- -n "CA certificate" -t "CT,," -a -i cacert.asc It says: Certutil-bin: could not obtain certificate from file: You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert
Plus...as suggested from Susan I ran /usr/bin/ldapsearch -ZZ -h nodo1....
Ant it reports:
Ldap_start_tls: Connect error (-11)
additional info: Start TLS request accepted.Server willing
to negotiate SSL.
Alex
--
Fedora-directory-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/fedora-directory-users
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-directory-users
