I don't know what did you downloaded.
It should be CA used to sign the LDAP services on AD.
If it's CA created by AD SSL, you can get it for example as follows:
1. Press "Start" -> "Run" and write "cmd" and press "Enter".
2. Extract the CA certificate using the following command:
```
>
I do this already.
The CA certificate that i download is fine also for ldap?
Nick
2017-10-11 14:56 GMT+02:00 Ondra Machacek :
> You can download it just a temporary, for example to /tmp.
> Then aaa-setup-tool wil create jks file in /etc/ovirt-engine/aaa/ directory.
> After
You can download it just a temporary, for example to /tmp.
Then aaa-setup-tool wil create jks file in /etc/ovirt-engine/aaa/ directory.
After that you can remove the CA file and keep just jks file.
On Wed, Oct 11, 2017 at 2:37 PM, nicola gentile
wrote:
> Yes I
Yes I created by aaa-setup tool.
I noticed that the CA certificate was expired, than I download new
certificate and I run aaa-setup tool.
is there a specific place to put the certificate file ca? I put in root home.
Thank a lot
Nick
2017-10-11 14:18 GMT+02:00 Ondra Machacek
It fails on SSL handshake:
sun.security.validator.ValidatorException: No trusted certificate found
How did you create 'polito.it.jks' file? By aaa-setup tool?
Are use sure you've entered correct CA certificate there?
On Wed, Oct 11, 2017 at 1:30 PM, nicola gentile
5 matches
Mail list logo