
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

  <head>

    <meta content="text/html; charset=ISO-8859-1"

      http-equiv="Content-Type">

  </head>

  <body bgcolor="#ffffff" text="#000000">

    On 02/21/2012 07:15 AM, MATON Brett wrote:

    <blockquote cite="mid:201202211426.q1LEQMZS017076@mx1.redhat.com"

      type="cite">

      <meta http-equiv="Content-Type" content="text/html;

        charset=ISO-8859-1">

      <meta name="Generator" content="Microsoft Word 12 (filtered

        medium)">

      <style><!--

/* Font Definitions */

@font-face

        {font-family:"Cambria Math";

        panose-1:2 4 5 3 5 4 6 3 2 4;}

@font-face

        {font-family:Calibri;

        panose-1:2 15 5 2 2 2 4 3 2 4;}

@font-face

        {font-family:Tahoma;

        panose-1:2 11 6 4 3 5 4 4 2 4;}

@font-face

        {font-family:Verdana;

        panose-1:2 11 6 4 3 5 4 4 2 4;}

@font-face

        {font-family:Consolas;

        panose-1:2 11 6 9 2 2 4 3 2 4;}

/* Style Definitions */

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0cm;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri","sans-serif";

        color:black;}

a:link, span.MsoHyperlink

        {mso-style-priority:99;

        color:blue;

        text-decoration:underline;}

a:visited, span.MsoHyperlinkFollowed

        {mso-style-priority:99;

        color:purple;

        text-decoration:underline;}

p

        {mso-style-priority:99;

        mso-margin-top-alt:auto;

        margin-right:0cm;

        mso-margin-bottom-alt:auto;

        margin-left:0cm;

        font-size:12.0pt;

        font-family:"Times New Roman","serif";

        color:black;}

pre

        {mso-style-priority:99;

        mso-style-link:"HTML Preformatted Char";

        margin:0cm;

        margin-bottom:.0001pt;

        font-size:10.0pt;

        font-family:"Courier New";

        color:black;}

p.MsoAcetate, li.MsoAcetate, div.MsoAcetate

        {mso-style-priority:99;

        mso-style-link:"Balloon Text Char";

        margin:0cm;

        margin-bottom:.0001pt;

        font-size:8.0pt;

        font-family:"Tahoma","sans-serif";

        color:black;}

span.HTMLPreformattedChar

        {mso-style-name:"HTML Preformatted Char";

        mso-style-priority:99;

        mso-style-link:"HTML Preformatted";

        font-family:Consolas;

        color:black;}

span.BalloonTextChar

        {mso-style-name:"Balloon Text Char";

        mso-style-priority:99;

        mso-style-link:"Balloon Text";

        font-family:"Tahoma","sans-serif";

        color:black;}

span.Preacute1

        {mso-style-name:"Pr&eacute1\,format&eacute1\,HTML Car1";

        mso-style-priority:99;

        mso-style-link:"Pr&eacute\,format&eacute\,HTML";

        font-family:Consolas;

        color:black;}

p.Preacute, li.Preacute, div.Preacute

        {mso-style-name:"Pr&eacute\,format&eacute\,HTML";

        mso-style-priority:99;

        mso-style-link:"Pr&eacute2\,format&eacute2\,HTML Car2";

        margin:0cm;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri","sans-serif";

        color:black;}

span.PrformatHTMLCar

        {mso-style-name:"Pr&eacute;format&eacute; HTML Car";

        mso-style-priority:99;

        mso-style-link:"Pr&eacute;format&eacute; HTML";

        font-family:Consolas;

        color:black;}

p.PrformatHTML, li.PrformatHTML, div.PrformatHTML

        {mso-style-name:"Pr&eacute;format&eacute; HTML";

        mso-style-priority:99;

        mso-style-link:"Pr&eacute;format&eacute; HTML Car";

        margin:0cm;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri","sans-serif";

        color:black;}

span.Preacute2

        {mso-style-name:"Pr&eacute2\,format&eacute2\,HTML Car2";

        mso-style-priority:99;

        mso-style-link:"Pr&eacute\,format&eacute\,HTML";

        font-family:Consolas;

        color:black;}

span.EmailStyle27

        {mso-style-type:personal;

        font-family:"Calibri","sans-serif";

        color:windowtext;}

span.EmailStyle28

        {mso-style-type:personal;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

span.EmailStyle29

        {mso-style-type:personal;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

span.EmailStyle30

        {mso-style-type:personal;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

span.EmailStyle31

        {mso-style-type:personal;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

span.EmailStyle32

        {mso-style-type:personal;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

span.EmailStyle33

        {mso-style-type:personal;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

span.EmailStyle36

        {mso-style-type:personal-reply;

        font-family:"Calibri","sans-serif";

        color:#1F497D;}

.MsoChpDefault

        {mso-style-type:export-only;

        font-size:10.0pt;}

@page WordSection1

        {size:612.0pt 792.0pt;

        margin:72.0pt 72.0pt 72.0pt 72.0pt;}

div.WordSection1

        {page:WordSection1;}

--></style><!--[if gte mso 9]><xml>

<o:shapedefaults v:ext="edit" spidmax="1026" />

</xml><![endif]--><!--[if gte mso 9]><xml>

<o:shapelayout v:ext="edit">

<o:idmap v:ext="edit" data="1" />

</o:shapelayout></xml><![endif]-->

      <div class="WordSection1">

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);">Hi

            Rich,<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"><o:p>&nbsp;</o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);">&nbsp;

            I&#8217;m still banging my head with this one.<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);">&nbsp; I

            did notice though that the slave server doesn&#8217;t ask for the

            CertificateDB password.<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"><o:p>&nbsp;</o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);">&nbsp; Is

            there any way to check where it&#8217;s actually looking for the

            key databases?</span></p>

      </div>

    </blockquote>

    Not without trying to use gdb to run the CGI programs through the

    debugger.<br>

    <blockquote cite="mid:201202211426.q1LEQMZS017076@mx1.redhat.com"

      type="cite">

      <div class="WordSection1">

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"><o:p>&nbsp;</o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);">Brett<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"><o:p>&nbsp;</o:p></span></p>

        <div>

          <div style="border-right: medium none; border-width: 1pt

            medium medium; border-style: solid none none; border-color:

            rgb(181, 196, 223) -moz-use-text-color -moz-use-text-color;

            padding: 3pt 0cm 0cm;">

            <p class="MsoNormal"><b><span style="font-size: 10pt;

                  font-family:

                  &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                  windowtext;" lang="EN-US">From:</span></b><span

                style="font-size: 10pt; font-family:

                &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                windowtext;" lang="EN-US">

                <a class="moz-txt-link-abbreviated" href="mailto:389-users-bounces@lists.fedoraproject.org">389-users-bounces@lists.fedoraproject.org</a>

                [<a class="moz-txt-link-freetext" href="mailto:389-users-bounces@lists.fedoraproject.org">mailto:389-users-bounces@lists.fedoraproject.org</a>] <b>On

                  Behalf Of </b>MATON Brett<br>

                <b>Sent:</b> 10 February 2012 07:24<br>

                <b>To:</b> General discussion list for the 389 Directory

                server project.; Rich Megginson<br>

                <b>Subject:</b> Re: [389-users] dirsrv-admin with

                existing (remote) configuration server using SSL<o:p></o:p></span></p>

          </div>

        </div>

        <p class="MsoNormal"><o:p>&nbsp;</o:p></p>

        <p class="MsoNormal">On 02/08/2012 01:31 PM, MATON Brett wrote:

          <o:p></o:p></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="FR-BE">Platform is RHEL6.2 x64</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="FR-BE">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">$ rpm -qa|grep 389</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-admin-console-doc-1.1.8-1.el6.noarch</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-ds-base-libs-1.2.9.14-1.el6_2.2.x86_64</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-admin-console-1.1.8-1.el6.noarch</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-adminutil-1.1.14-2.el6.x86_64</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-ds-console-1.2.6-1.el6.noarch</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-ds-1.2.2-1.el6.noarch</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-ds-base-1.2.9.14-1.el6_2.2.x86_64</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-ds-console-doc-1.2.6-1.el6.noarch</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-console-1.1.7-1.el6.noarch</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-admin-1.1.25-1.el6.x86_64</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">389-dsgw-1.1.7-2.el6.x86_64</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="FR-BE">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">$ rpm -qi openldap</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Name&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : openldap&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            Relocations: (not relocatable)</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Version&nbsp;&nbsp;&nbsp;&nbsp; : 2.4.23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            Vendor: Red Hat, Inc.</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Release&nbsp;&nbsp;&nbsp;&nbsp; : 20.el6&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            Build Date: Tue 04 Oct 2011 01:48:15 PM CEST</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Install Date: Wed 08 Feb 2012 09:20:30 AM

            CET&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Build Host: x86-010.build.bos.redhat.com</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Group&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : System Environment/Daemons&nbsp;&nbsp;&nbsp;

            Source RPM: openldap-2.4.23-20.el6.src.rpm</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Size&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : 779076&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            License: OpenLDAP</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Signature&nbsp;&nbsp; : RSA/8, Mon 07 Nov 2011 08:37:10

            AM CET, Key ID 199e2f91fd431d51</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Packager&nbsp;&nbsp;&nbsp; : Red Hat, Inc. <a

              moz-do-not-send="true"

              href="http://bugzilla.redhat.com/bugzilla">&lt;http://bugzilla.redhat.com/bugzilla&gt;</a></span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">URL&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : <a moz-do-not-send="true"

              href="http://www.openldap.org/">http://www.openldap.org/</a></span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">Summary&nbsp;&nbsp;&nbsp;&nbsp; : LDAP support libraries</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">Description :&nbsp; &lt;snipped&gt;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="FR-BE">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">rpm -qi nss</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Name&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : nss&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            Relocations: (not relocatable)</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Version&nbsp;&nbsp;&nbsp;&nbsp; : 3.12.10&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            Vendor: Red Hat, Inc.</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Release&nbsp;&nbsp;&nbsp;&nbsp; : 17.el6_2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            Build Date: Sat 10 Dec 2011 12:32:24 AM CET</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Install Date: Wed 08 Feb 2012 09:20:30 AM

            CET&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Build Host: x86-003.build.bos.redhat.com</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Group&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : System Environment/Libraries&nbsp;&nbsp;

            Source RPM: nss-3.12.10-17.el6_2.src.rpm</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Size&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : 2602368&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;License: MPLv1.1 or GPLv2+ or LGPLv2+</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Signature&nbsp;&nbsp; : RSA/8, Wed 14 Dec 2011 01:37:20

            PM CET, Key ID 199e2f91fd431d51</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Packager&nbsp;&nbsp;&nbsp; : Red Hat, Inc. <a

              moz-do-not-send="true"

              href="http://bugzilla.redhat.com/bugzilla">&lt;http://bugzilla.redhat.com/bugzilla&gt;</a></span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">URL&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : <a moz-do-not-send="true"

              href="http://www.mozilla.org/projects/security/pki/nss/">http://www.mozilla.org/projects/security/pki/nss/</a></span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Summary&nbsp;&nbsp;&nbsp;&nbsp; : Network Security Services</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">Description : &lt;snipped&gt;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 12pt; font-family:

            &quot;Times New Roman&quot;,&quot;serif&quot;;" lang="FR-BE">grep

            -i admconfigdir /etc/dirsrv/admin-serv/*</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="FR-BE">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE"># grep -i admconfigdir /etc/dirsrv/admin-serv/*</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">/etc/dirsrv/admin-serv/admserv.conf:ADMConfigDir

            "/etc/dirsrv/admin-serv"</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 12pt; font-family:

            &quot;Times New Roman&quot;,&quot;serif&quot;;" lang="FR-BE"><br>

            grep -i NSSEngine /etc/dirsrv/admin-serv/* </span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="FR-BE">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE"># grep -i NSSEngine /etc/dirsrv/admin-serv/*</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">/etc/dirsrv/admin-serv/console.conf:NSSEngine

            off</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal" style="margin-bottom: 12pt;"><span

            style="font-size: 12pt; font-family: &quot;Times New

            Roman&quot;,&quot;serif&quot;;" lang="FR-BE"><br>

            service dirsrv stop<br>

            /usr/sbin/start-ds-admin -e debug</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># service dirsrv stop</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Shutting down dirsrv:</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;&nbsp;&nbsp; </span><span style="font-size: 10pt;

            font-family: &quot;Courier New&quot;;" lang="FR-BE">&lt;host&gt;...&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            [&nbsp; OK&nbsp; ]</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="FR-BE">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># /usr/sbin/start-ds-admin -e debug</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module authz_host_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module auth_basic_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module authn_file_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module log_config_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module env_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module mime_magic_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module unique_id_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module setenvif_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module mime_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module negotiation_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module dir_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module alias_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module rewrite_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module cgi_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module restartd_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module nss_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_so.c(246): loaded module admserv_module</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2509): [25197]

            create_server_config [0xbogus %p for (null)</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2497): [25197] create_config

            [0xbogus %p for (null)</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2570): [25197] Set [0xbogus %p

            [ADMCacheLifeTime] to 600</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2588): [25197] Set [0xbogus %p

            [ADMServerVersionString] to 389-Administrator/1.1.25</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2497): [25197] create_config

            [0xbogus %p for /*/[tT]asks/[Oo]peration/*</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2522): [25197] adminsdk [0xbogus

            %p flag 1</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2497): [25197] create_config

            [0xbogus %p for /*/[tT]asks/[Cc]onfiguration/*</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2522): [25197] adminsdk [0xbogus

            %p flag 1</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2497): [25197] create_config

            [0xbogus %p for

/*/[tT]asks/[Oo]peration/(?i:stop|start|restart|startconfigds|create|remove)$</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:03:59 2012] [debug]

            mod_admserv/mod_admserv.c(2522): [25197] adminsdk [0xbogus

            %p flag 0</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">Server failed to start !!! Please check errors

            log for problems</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># tail /var/log/dirsrv/admin-serv/error</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:04:05 2012] [debug]

            mod_admserv/mod_admserv.c(1456):

            populate_tasks_from_server(): getting tasks for server

            [admin-serv] siedn [cn=admin-serv-&lt;host&gt;,cn=389

            Administration Server,cn=Server Group,cn=&lt;host

            FQDN&gt;,ou=admins.unix,o=NetscapeRoot]</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">[Wed Feb 08 22:04:05 2012] [crit] sslinit: NSS

            is required to use LDAPS, but security initialization failed

            [-12285:Unable to find the certificate or key necessary for

            authentication.].&nbsp; Cannot start server</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal" style="margin-bottom: 12pt;"><span

            style="font-size: 12pt; font-family: &quot;Times New

            Roman&quot;,&quot;serif&quot;;" lang="FR-BE">Ok.&nbsp; Well, it's

            just not working and I don't know why.&nbsp; Please file a ticket

            and we'll get around to it.<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">Sure, I&#8217;ll do that tomorrow and add the ticket

            reference here.<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US"><o:p>&nbsp;</o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">Trac: <a moz-do-not-send="true"

              href="https://fedorahosted.org/389/ticket/287">https://fedorahosted.org/389/ticket/287</a><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US"><o:p>&nbsp;</o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">Thanks,<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">Brett<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="EN-US"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="EN-US"><o:p></o:p></span></p>

        <div>

          <div style="border-right: medium none; border-width: 1pt

            medium medium; border-style: solid none none; padding: 3pt

            0cm 0cm; border-color: -moz-use-text-color;">

            <p class="MsoNormal"><b><span style="font-size: 10pt;

                  font-family:

                  &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                  windowtext;" lang="EN-US">De&nbsp;:</span></b><span

                style="font-size: 10pt; font-family:

                &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                windowtext;" lang="EN-US"> Rich Megginson [</span><span

                style="font-size: 10pt; font-family:

                &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                windowtext;" lang="FR"><a moz-do-not-send="true"

                  href="mailto:rmeggins@redhat.com"><span lang="EN-US">mailto:rmeggins@redhat.com</span></a></span><span

                style="font-size: 10pt; font-family:

                &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                windowtext;" lang="EN-US">] <br>

                <b>Envoy&eacute;&nbsp;:</b> mercredi 8 f&eacute;vrier 2012 21:16<br>

                <b>&Agrave;&nbsp;:</b> MATON Brett<br>

                <b>Cc&nbsp;:</b> General discussion list for the 389

                Directory server project.<br>

              </span><b><span style="font-size: 10pt; font-family:

                  &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                  windowtext;" lang="FR">Objet&nbsp;:</span></b><span

                style="font-size: 10pt; font-family:

                &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                windowtext;" lang="FR"> Re: [389-users] dirsrv-admin

                with existing (remote) configuration server using SSL</span><span

                lang="FR-BE"><o:p></o:p></span></p>

          </div>

        </div>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">On 02/08/2012 12:18 PM,

            MATON Brett wrote: <o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">Thanks for your help Rich,</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="FR-BE">LDAPTLS_CACERTDIR=/etc/dirsrv/admin-serv</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">ldapsearch -x -H <a moz-do-not-send="true"

              href="ldaps://">ldaps://</a>&lt;config server FQDN&gt; -D

            "cn=Directory Manager" &#8211;W &#8211;s base &#8211;b &#8220;&#8221;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># extended LDIF</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">#</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># LDAPv3</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># base &lt;&gt; with scope baseObject</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># filter: (objectclass=*)</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US"># requesting: ALL</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">#</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">#</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">dn:</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">objectClass: top</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">namingContexts: dc=admins,dc=unix</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;; color: rgb(31, 73, 125);"

            lang="EN-US">&#8230;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">No complaints from those commands, the plot

            thickens ;)</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal" style="margin-bottom: 12pt;"><span

            style="font-size: 12pt; font-family: &quot;Times New

            Roman&quot;,&quot;serif&quot;;" lang="FR-BE">What platform

            is this?<br>

            rpm -qa|grep 389<br>

            rpm -qi openldap<br>

            rpm -qi nss<br>

            <br>

            <br>

          </span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">Brett</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="color: rgb(31, 73, 125);"

            lang="EN-US">&nbsp;</span><span lang="FR-BE"><o:p></o:p></span></p>

        <div>

          <div style="border-right: medium none; border-width: 1pt

            medium medium; border-style: solid none none; padding: 3pt

            0cm 0cm; border-color: -moz-use-text-color;">

            <p class="MsoNormal"><b><span style="font-size: 10pt;

                  font-family:

                  &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                  windowtext;" lang="FR">De&nbsp;:</span></b><span

                style="font-size: 10pt; font-family:

                &quot;Tahoma&quot;,&quot;sans-serif&quot;; color:

                windowtext;" lang="FR"> Rich Megginson [<a

                  moz-do-not-send="true"

                  href="mailto:rmeggins@redhat.com">mailto:rmeggins@redhat.com</a>]

                <br>

                <b>Envoy&eacute;&nbsp;:</b> mercredi 8 f&eacute;vrier 2012 16:43<br>

                <b>&Agrave;&nbsp;:</b> General discussion list for the 389 Directory

                server project.<br>

                <b>Cc&nbsp;:</b> MATON Brett<br>

                <b>Objet&nbsp;:</b> Re: [389-users] dirsrv-admin with

                existing (remote) configuration server using SSL</span><span

                lang="FR-BE"><o:p></o:p></span></p>

          </div>

        </div>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">On 02/08/2012 07:20 AM,

            MATON Brett wrote: <o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">Installation appears to

            go fine until it tries to start the admin server:<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">Configuration

            directory server URL [<a moz-do-not-send="true"

              href="ldap://">ldap://</a>&lt;local

            FQDN&gt;:389/o=NetscapeRoot]: <a moz-do-not-send="true"

              href="ldaps://">ldaps://</a>&lt;Config Server

            FQDN&gt;:636/o=NetscapeRoot</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">...</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">CA certificate

            filename: /etc/openldap/cacerts/&lt;base64 cert file&gt;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">...</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">output: Server failed

            to start !!! Please check errors log for problems</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">output:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            [FAILED]</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">/var/log/dirsrv/admin-serv/error:<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">[Wed Feb 08 13:35:26

            2012] [notice] SELinux policy enabled; httpd running as

            context unconfined_u:system_r:httpd_t:s0</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">[Wed Feb 08 13:35:32

            2012] [crit] sslinit: NSS is required to use LDAPS, but

            security initialization failed [-12285:Unable to find the

            certificate or key necessary for authentication.].&nbsp; Cannot

            start server</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">The server, has however

            successfully registered itself with the remote Configuration

            Directory Server.<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">(shows up in the server

            group in 389-Console and Directory Server is available).<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">I wasn&#8217;t asked to

            provide a keystore password &nbsp;when adding the certificate to

            the store, as you would be with 389-Console GUI when first

            opening the certificate store.<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">Is that intentional or

            not?<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">I&#8217;m now a bit stumped

            (again), I had a look at the certdb with certutil:<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">[root@&lt;host&gt;

            admin-serv]# certutil -d . -L</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">&nbsp;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">Certificate

            Nickname&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Trust

            Attributes</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            SSL,S/MIME,JAR/XPI</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">&nbsp;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">CA

            certificate&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;

            CT,,</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">Which leads me to

            believe that it should be able to at least find the

            certificate...<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">I also checked

            file/directory ownership and permissions which match those

            on the working &#8216;master&#8217; server.<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">Installer issue:<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp; If you make a mistake

            and get asked to try again (I typed the ldaps port as 633

            instead if 636), you get stuck at the CA Certificate

            filename stage with the following:<o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">CA certificate

            filename [/etc/openldap/cacerts/CAServer.crt]:</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">The certificate

            database in '/etc/dirsrv/admin-serv' already contains a CA

            certificate.&nbsp; Please remove it first, or use the certutil

            program to add the CA certificate with a different name.</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">Please try again, in

            case you mis-typed something.</span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 10pt; font-family:

            &quot;Courier New&quot;;" lang="FR-BE">&nbsp;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">Simple enough solution

            as for me this is a fresh install, is to delete cert8.db and

            keys3.db in </span><span style="font-size: 10pt;

            font-family: &quot;Courier New&quot;;" lang="FR-BE">/etc/dirserv/admin-serv/</span><span

            lang="FR-BE"> from another session.<o:p></o:p></span></p>

        <p class="MsoNormal" style="margin-bottom: 12pt;"><span

            style="font-size: 12pt; font-family: &quot;Times New

            Roman&quot;,&quot;serif&quot;;" lang="FR-BE">You can use

            ldapsearch to test if the cert db is correct:<br>

            <br>

            LDAPTLS_CACERTDIR=/etc/dirsrv/admin-serv ldapsearch -x -H <a

              moz-do-not-send="true" href="ldaps://">ldaps://</a></span><span

            style="font-size: 10pt; font-family: &quot;Courier

            New&quot;;" lang="FR-BE">&lt;Config Server FQDN&gt; -D

            "cn=directory manager" -W -s base -b ""<br>

            if that doesn't work, use ldapsearch -d 1 -x .... to get

            more debugging information.<br>

            <br>

            The error is strange though.&nbsp; It seems to imply that the

            admin server is looking for a cert or key.&nbsp; If the admin

            server is acting only as an SSL client, it should not need

            to look up a cert or key, it should only need the CA cert.<br>

            <br>

            <br>

            <br>

          </span><span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span lang="FR-BE">&nbsp;<o:p></o:p></span></p>

        <p><span style="font-size: 7pt; font-family:

            &quot;Verdana&quot;,&quot;sans-serif&quot;; color: gray;"

            lang="FR-BE">-------------------------------------------------------------------</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><strong><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(102, 153, 51);">GreeNRB</span></strong><b><span

              style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;"><br>

            </span></b><em><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">NRB considers

              its environmental responsibility and goes for green IT.</span></em><span

            style="font-size: 7.5pt; font-family:

            &quot;Tahoma&quot;,&quot;sans-serif&quot;;"> <br>

            <i>May we ask you to consider yours before printing this

              e-mail?&nbsp;</i><b>&nbsp;</b></span> <span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><b><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(0, 0, 102);">NRB, daring to commit <br>

            </span></b><i><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">This e-mail

              and any attachments, which may contain information that is

              confidential and/or protected by intellectual property

              rights, are intended for the exclusive use of the

              above-mentioned addressee(s). Any use (including

              reproduction, disclosure and whole or partial distribution

              in any form whatsoever) of their content is prohibited

              without prior authorization of NRB. If you have received

              this message by error, please contact the sender promptly

              by resending this e-mail back to him (her), or by calling

              the above number. Thank you for subsequently deleting this

              e-mail and any files attached thereto.</span></i><span

            lang="FR-BE"><o:p></o:p></span></p>

        <pre><span lang="FR-BE">&nbsp;<o:p></o:p></span></pre>

        <pre><span lang="FR-BE">&nbsp;<o:p></o:p></span></pre>

        <pre><span lang="FR-BE">--<o:p></o:p></span></pre>

        <pre><span lang="FR-BE">389 users mailing list<o:p></o:p></span></pre>

        <pre><span lang="FR-BE"><a moz-do-not-send="true" href="mailto:389-users@lists.fedoraproject.org">389-users@lists.fedoraproject.org</a><o:p></o:p></span></pre>

        <pre><span lang="FR-BE"><a moz-do-not-send="true" href="https://admin.fedoraproject.org/mailman/listinfo/389-users">https://admin.fedoraproject.org/mailman/listinfo/389-users</a><o:p></o:p></span></pre>

        <p class="MsoNormal"><span style="font-size: 12pt; font-family:

            &quot;Times New Roman&quot;,&quot;serif&quot;;" lang="FR-BE">&nbsp;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p><span style="font-size: 7pt; font-family:

            &quot;Verdana&quot;,&quot;sans-serif&quot;;" lang="FR-BE">-------------------------------------------------------------------</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><strong><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(102, 153, 51);">GreeNRB</span></strong><b><span

              style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;"><br>

            </span></b><em><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">NRB considers

              its environmental responsibility and goes for green IT.</span></em><span

            style="font-size: 7.5pt; font-family:

            &quot;Tahoma&quot;,&quot;sans-serif&quot;;"> <br>

            <i>May we ask you to consider yours before printing this

              e-mail?&nbsp;</i><b>&nbsp;</b></span> <span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><b><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(0, 0, 102);">NRB, daring to commit <br>

            </span></b><i><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">This e-mail

              and any attachments, which may contain information that is

              confidential and/or protected by intellectual property

              rights, are intended for the exclusive use of the

              above-mentioned addressee(s). Any use (including

              reproduction, disclosure and whole or partial distribution

              in any form whatsoever) of their content is prohibited

              without prior authorization of NRB. If you have received

              this message by error, please contact the sender promptly

              by resending this e-mail back to him (her), or by calling

              the above number. Thank you for subsequently deleting this

              e-mail and any files attached thereto.</span></i><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 12pt; font-family:

            &quot;Times New Roman&quot;,&quot;serif&quot;;" lang="FR-BE">&nbsp;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p><span style="font-size: 7pt; font-family:

            &quot;Verdana&quot;,&quot;sans-serif&quot;;" lang="FR-BE">-------------------------------------------------------------------</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><strong><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(102, 153, 51);">GreeNRB</span></strong><b><span

              style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;"><br>

            </span></b><em><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">NRB considers

              its environmental responsibility and goes for green IT.</span></em><span

            style="font-size: 7.5pt; font-family:

            &quot;Tahoma&quot;,&quot;sans-serif&quot;;"> <br>

            <i>May we ask you to consider yours before printing this

              e-mail?&nbsp;</i><b>&nbsp;</b></span> <span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><b><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(0, 0, 102);">NRB, daring to commit <br>

            </span></b><i><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">This e-mail

              and any attachments, which may contain information that is

              confidential and/or protected by intellectual property

              rights, are intended for the exclusive use of the

              above-mentioned addressee(s). Any use (including

              reproduction, disclosure and whole or partial distribution

              in any form whatsoever) of their content is prohibited

              without prior authorization of NRB. If you have received

              this message by error, please contact the sender promptly

              by resending this e-mail back to him (her), or by calling

              the above number. Thank you for subsequently deleting this

              e-mail and any files attached thereto.</span></i><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 12pt; font-family:

            &quot;Times New Roman&quot;,&quot;serif&quot;;" lang="FR-BE">&nbsp;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p><span style="font-size: 7pt; font-family:

            &quot;Verdana&quot;,&quot;sans-serif&quot;;" lang="FR-BE">-------------------------------------------------------------------</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><strong><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(102, 153, 51);">GreeNRB</span></strong><b><span

              style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;"><br>

            </span></b><em><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">NRB considers

              its environmental responsibility and goes for green IT.</span></em><span

            style="font-size: 7.5pt; font-family:

            &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

            153, 51);"> <br>

            <i>May we ask you to consider yours before printing this

              e-mail?&nbsp;</i><b>&nbsp;</b></span> <span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><b><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(0, 0, 102);">NRB, daring to commit <br>

            </span></b><i><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;;">This e-mail

              and any attachments, which may contain information that is

              confidential and/or protected by intellectual property

              rights, are intended for the exclusive use of the

              above-mentioned addressee(s). Any use (including

              reproduction, disclosure and whole or partial distribution

              in any form whatsoever) of their content is prohibited

              without prior authorization of NRB. If you have received

              this message by error, please contact the sender promptly

              by resending this e-mail back to him (her), or by calling

              the above number. Thank you for subsequently deleting this

              e-mail and any files attached thereto.</span></i><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 12pt; font-family:

            &quot;Times New Roman&quot;,&quot;serif&quot;;" lang="FR-BE">&nbsp;</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p><span style="font-size: 7pt; font-family:

            &quot;Verdana&quot;,&quot;sans-serif&quot;;" lang="FR-BE">-------------------------------------------------------------------</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><strong><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(102, 153, 51);">GreeNRB</span></strong><b><span

              style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

              153, 51);"><br>

            </span></b><em><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

              153, 51);">NRB considers its environmental responsibility

              and goes for green IT.</span></em><span style="font-size:

            7.5pt; font-family:

            &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

            153, 51);"> <br>

            <i>May we ask you to consider yours before printing this

              e-mail?&nbsp;</i><b>&nbsp;</b></span> <span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><b><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(0, 0, 102);">NRB, daring to commit <br>

            </span></b><i><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(0,

              0, 102);">This e-mail and any attachments, which may

              contain information that is confidential and/or protected

              by intellectual property rights, are intended for the

              exclusive use of the above-mentioned addressee(s). Any use

              (including reproduction, disclosure and whole or partial

              distribution in any form whatsoever) of their content is

              prohibited without prior authorization of NRB. If you have

              received this message by error, please contact the sender

              promptly by resending this e-mail back to him (her), or by

              calling the above number. Thank you for subsequently

              deleting this e-mail and any files attached thereto.</span></i><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><span style="font-size: 12pt; font-family:

            &quot;Times New Roman&quot;,&quot;serif&quot;;" lang="FR-BE"><o:p>&nbsp;</o:p></span></p>

        <p><span style="font-size: 7pt; font-family:

            &quot;Verdana&quot;,&quot;sans-serif&quot;; color: gray;"

            lang="FR-BE">-------------------------------------------------------------------</span><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><strong><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(102, 153, 51);">GreeNRB</span></strong><b><span

              style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

              153, 51);"><br>

            </span></b><em><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

              153, 51);">NRB considers its environmental responsibility

              and goes for green IT.</span></em><span style="font-size:

            7.5pt; font-family:

            &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

            153, 51);"> <br>

            <i>May we ask you to consider yours before printing this

              e-mail?&nbsp;</i><b>&nbsp;</b></span> <span lang="FR-BE"><o:p></o:p></span></p>

        <p class="MsoNormal"><b><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(0, 0, 102);">NRB, daring to commit <br>

            </span></b><i><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(0,

              0, 102);">This e-mail and any attachments, which may

              contain information that is confidential and/or protected

              by intellectual property rights, are intended for the

              exclusive use of the above-mentioned addressee(s). Any use

              (including reproduction, disclosure and whole or partial

              distribution in any form whatsoever) of their content is

              prohibited without prior authorization of NRB. If you have

              received this message by error, please contact the sender

              promptly by resending this e-mail back to him (her), or by

              calling the above number. Thank you for subsequently

              deleting this e-mail and any files attached thereto.</span></i><span

            lang="FR-BE"><o:p></o:p></span></p>

        <p><span style="font-size: 7pt; font-family:

            &quot;Verdana&quot;,&quot;sans-serif&quot;; color: gray;">-------------------------------------------------------------------</span><o:p></o:p></p>

        <p class="MsoNormal"><strong><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(102, 153, 51);">GreeNRB</span></strong><b><span

              style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

              153, 51);"><br>

            </span></b><em><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

              153, 51);">NRB considers its environmental responsibility

              and goes for green IT.</span></em><span style="font-size:

            7.5pt; font-family:

            &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(102,

            153, 51);"> <br>

            <i>May we ask you to consider yours before printing this

              e-mail?&nbsp;</i><b>&nbsp;</b></span> <o:p></o:p></p>

        <p class="MsoNormal"><b><span style="font-size: 7.5pt;

              font-family: &quot;Tahoma&quot;,&quot;sans-serif&quot;;

              color: rgb(0, 0, 102);">NRB, daring to commit <br>

            </span></b><i><span style="font-size: 7.5pt; font-family:

              &quot;Tahoma&quot;,&quot;sans-serif&quot;; color: rgb(0,

              0, 102);">This e-mail and any attachments, which may

              contain information that is confidential and/or protected

              by intellectual property rights, are intended for the

              exclusive use of the above-mentioned addressee(s). Any use

              (including reproduction, disclosure and whole or partial

              distribution in any form whatsoever) of their content is

              prohibited without prior authorization of NRB. If you have

              received this message by error, please contact the sender

              promptly by resending this e-mail back to him (her), or by

              calling the above number. Thank you for subsequently

              deleting this e-mail and any files attached thereto.</span></i><o:p></o:p></p>

      </div>

      <!--DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"-->

      <meta name="GENERATOR" content="TX_HTML32 11.0.211.501">

      <span style="font-family: 'Verdana'; color: rgb(128, 128, 128);

        font-size: 7pt;">

        <p><span style="font-family: 'Verdana'; color: rgb(128, 128,

            128); font-size: 7pt;">-------------------------------------------------------------------</span></p>

        <span style="font-family: 'Verdana'; color: rgb(128, 128, 128);

          font-size: 6pt;">

          <p style="margin: 0cm 0cm 0pt;" class="MsoNormal"><font

              face="tahoma,arial,helvetica,sans-serif"><font size="1"><font

                  color="#669933"><span style="" lang="EN-GB"><strong>GreeNRB<br>

                    </strong><em>NRB considers its environmental

                      responsibility and goes for green IT.</em> <br>

                  </span><i><span style="" lang="EN-GB">May we ask you

                      to consider yours before printing this e-mail?&nbsp;</span></i><b><span

                      style="" lang="EN-GB">&nbsp;</span></b></font></font></font>

          </p>

          <p style="margin: 0cm 0cm 0pt;" class="MsoNormal"><font

              face="tahoma,arial,helvetica,sans-serif"><font size="1"><font

                  color="#000066"><b><span style="" lang="EN-GB">NRB,

                      daring to commit <br>

                    </span></b><i><span style="" lang="EN-GB">This

                      e-mail and any attachments, which may contain

                      information that is confidential and/or protected

                      by intellectual property rights, are intended for

                      the exclusive use of the above-mentioned

                      addressee(s). Any use (including reproduction,

                      disclosure and whole or partial distribution in

                      any form whatsoever) of their content is

                      prohibited without prior authorization of NRB. If

                      you have received this message by error, please

                      contact the sender promptly by resending this

                      e-mail back to him (her), or by calling the above

                      number. Thank you for subsequently deleting this

                      e-mail and any files attached thereto.</span></i></font></font></font></p>

        </span></span>

    </blockquote>

    <br>

  </body>

</html>