Re: [Freeipa-users] IPA+AD sync error

2010-08-18 Thread Rich Megginson
Shan Kumaraswamy wrote: Rich, Can I know command to trust IPA generated CA cert file? See below So I don't think that is the problem here. If that were the problem, I would expect a different error message. I think you're just going to have to use something like openssl s_client to examine

Re: [Freeipa-users] IPA+AD sync error

2010-08-18 Thread Rich Megginson
Shan Kumaraswamy wrote: Ok sure, I will do the test and can please let me know command to import AD CA in to dirsrv cert db? It is already in there? This is the certificate called "Imported CA" with Subject: "CN=test-WINDOWS-CA,DC=test,DC=ad" and Issuer: "CN=test-WINDOWS-CA,DC=test,DC=ad" Or

Re: [Freeipa-users] IPA+AD sync error

2010-08-18 Thread Rich Megginson
Shan Kumaraswamy wrote: Sorry, I deleted the copied cert file :( If you want to get the CA cert out of the certdb and into ascii/pem format: certutil -d /etc/dirsrv/slapd-instancename -L -n "Imported CA" -a > msadca.crt If you want to get the CA cert directly from MS CA: on your AD b