[389-users] Console breaks when enabling no anoymous binding
Gerrard Geldenhuis
Gerrard.Geldenhuis at betfair.com
Tue Aug 10 15:58:55 UTC 2010
>>
>> I found the cause of the problem for the "An error has occurred".
>> When you first click on Manage Certificates in the Admin Server console it prompts you for a password and I believe create the cert store in /etc/dirsrv/admin->serv/
>> I then added the same CA that I used in /etc/dirsrv/slapd-testmasterserver/ cert db. However if you then again remove this CA you get the error has mentioned >message as mentioned above. This is probably not strictly spoken a bug but it would be really "nice" if the error message could tell you that the cert database for >the admin console is empty. I am not sure why it what the interdependence is but from my 10 000 feet view it seems not necessary.
>What's not necessary? Note that the admin server and directory server
>have separate cert databases. Also note that the NSS crypto team is
>working towards a unified system-wide cert db.
That could have been more clear, I meant that a lack of certs in the Admin Server db should not cause an error when trying to access cert information in the directory server db. But as I said that is from 10 000 feet viewpoint.
A system-wide cert db would be really cool. Out of interest, would that also unify /etc/openldap/cacerts?
Regards
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________
More information about the 389-users
mailing list