<br><br><div class="gmail_quote">On Mon, Aug 8, 2011 at 4:10 PM, s.varadha rajan <span dir="ltr"><<a href="mailto:rajanvaradhu@gmail.com">rajanvaradhu@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Hi Niranjan,<div><br></div><div>Password we have used while creating the certificate, that is not accepting. this is the problem.</div><div><br></div><div>@Rob,</div><div><br></div><div>We have the certificate in .p12 format and in that all are integrated. generally if you imported from .p12 everything should work.</div>
<div><br></div><div>This is where i am struck and still facing the same issues.</div><div><br></div><div>Regards,</div><div>Varad</div></blockquote><div><br></div><div>Greetings, </div><div><br></div><div>Does the pkcs12 file has a password, do you remember the password of the .pk12 file ?</div>
<div><br></div><div>If so you can try the below </div><div><br></div><div>Important, please take backup of /etc/dirsrv before attempting and also stop directory service </div><div>#service dirsrv stop </div><div><br></div>
<div><br></div><div>take the backup of NSS database file in /etc/dirsrv </div><div><br></div><div><br></div><div>$mv *.db /tmp/mybackup </div><div><br></div><div>$cd /etc/dirsrv </div><div>Create a new database </div><div>
$certutila -N -d /etc/dirsrv</div><div><br></div><div>Import the certificates from pk12 file </div><div>$pk12util -d . -i <file-name>-n <nick-name></div><div><br></div><div>The nick-name is generally "server-cert", You can verify this by listing the contents from the existing directory </div>
<div>$certutil -L -d /tmp/mybackup </div><div><br></div><div>You might have to re-import the CA certificate if required, </div><div>$certutil -A -d /etc/dirsrv -a -i <CA-certificate> -t "TC,," </div><div>
<br></div><div>Regards</div><div>Niranjan</div><div><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div><div></div><div class="h5"><div><br>
</div><div><br></div><div><br><br><div class="gmail_quote">On Fri, Aug 5, 2011 at 7:05 PM, Rob Crittenden <span dir="ltr"><<a href="mailto:rcritten@redhat.com" target="_blank">rcritten@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div></div><div>s.varadha rajan wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi,<br>
<br>
We are planning to configure ssl enabled Fedora directory server.we have<br>
a proper signed certificate.while importing, it is asking "Enter the<br>
password to access the Token" ? like that. even though we have given the<br>
exact password, while creating the certificate but it is not working.<br>
I referred wiki fedora doc also but getting this error. How to use<br>
existing certificate and enable secure ldap server.<br>
<br>
I have already posted the same question but nobody is reply<br>
<br>
Regards,<br>
Varad<br>
</blockquote>
<br></div></div>
Did you import the cert's private key too?<br><font color="#888888">
<br>
rob<br>
</font></blockquote></div><br></div>
</div></div></blockquote></div><br>