depending on your version of 389, look at "dsctl tls import-ca"
{william@ldapkdc 9:12} ~/development $ dsctl localhost tls import-ca --help
usage: dsctl [instance] tls import-ca [-h] cert_path nickname
positional arguments:
cert_path The path to the x509 cert to import as a server CA
hi,
some time ago I asked for a scriptable way of creating a certificate request,
here's the thread:
https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org/thread/EHWWAHOO3S2HZEWJEXTQKDDRH33NLSMU/#HF7ZPVLMUK32AIEEWPEOLUJGZFXXRCEK
I didn't have the time to write