Stefan Kania wrote:
> Hi all,
>
> I like to change the certificate and the key for autoca, but I can't find any
> description how to do it. I tried the following LDIF:

The LDAP PKI schema uses DER values, not PEM.

> ---------------
> dn: dc=example,dc=net
> changetype: modify
> replace: cACertificate;binary
> cACertificate;binary:< file:///root/mycert/cacert.pem
> -
> replace: cAPrivateKey;binary
> cAPrivateKey;binary:< file:///root/mycert/cakey.pem
> ---------------
> I got:
> ---------------
> root@ldap-r01:~# ldapmodify -Y external -H ldapi:/// -f change-cert.ldif
> SASL/EXTERNAL authentication started
> SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> SASL SSF: 0
> modifying entry "dc=example,dc=net"
> ldap_modify: Invalid syntax (21)
> additional info: cACertificate;binary: value #0 invalid per syntax
> ----------------
> So what is the right way to change the certificate and the key?
>
>
> Thanks
>
>
> Stefan
>
> --

--
Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
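
The point of the reply above (the attributes take DER, not PEM), as an added example that is not part of the original thread and not OpenLDAP's own code: it strips the PEM armor, checks that the result is a single DER SEQUENCE, and emits the modify LDIF with base64 (`::`) values. The function names are hypothetical, and it assumes the key file is an unencrypted PKCS#8 key (PEM label `PRIVATE KEY`).

```python
import base64
import re
import sys

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)

def check_der_sequence(der: bytes) -> None:
    """Raise ValueError unless `der` is exactly one DER SEQUENCE (tag 0x30)."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not DER: value does not start with a SEQUENCE tag (0x30)")
    if der[1] < 0x80:                      # short-form length
        header, length = 2, der[1]
    else:                                  # long form: low 7 bits = count of length bytes
        n = der[1] & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("not DER: bad length encoding")
        header, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + length != len(der):
        raise ValueError("not DER: length field does not match the data")

def pem_to_der(pem_text: str, label: str) -> bytes:
    """Strip the PEM armor from the block named `label` and return its DER bytes."""
    m = PEM_BLOCK.search(pem_text)
    if m is None or m.group(1) != label:
        raise ValueError(f"expected a PEM block labelled {label!r}")
    der = base64.b64decode("".join(m.group(2).split()), validate=True)
    check_der_sequence(der)
    return der

def build_ldif(dn: str, cert_pem: str, key_pem: str) -> str:
    """Return a modify LDIF carrying both values as base64 ("::") DER."""
    cert = pem_to_der(cert_pem, "CERTIFICATE")
    key = pem_to_der(key_pem, "PRIVATE KEY")   # assumption: unencrypted PKCS#8 key
    b64 = lambda raw: base64.b64encode(raw).decode("ascii")
    return "\n".join([
        f"dn: {dn}", "changetype: modify",
        "replace: cACertificate;binary", f"cACertificate;binary:: {b64(cert)}", "-",
        "replace: cAPrivateKey;binary", f"cAPrivateKey;binary:: {b64(key)}", "-", ""])

if __name__ == "__main__":
    # usage: script.py <dn> <cacert.pem> <cakey.pem>   (prints the LDIF to stdout)
    dn, cert_path, key_path = sys.argv[1:4]
    with open(cert_path) as c, open(key_path) as k:
        sys.stdout.write(build_ldif(dn, c.read(), k.read()))
```

Feeding the PEM text itself to `check_der_sequence` fails on the first byte (`-`, not `0x30`), which is the same kind of rejection the server reported as "invalid per syntax".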