Graham Leggett wrote:
Richard Megginson wrote:
>> It appears when an attempt is made to select "manage certificates",
>> and a number of other places.
> I think this means it's trying to talk SSL. It could be attempting
> to open an https connection to the admin server which is only
> listening to http. You could try starting the console using
> startconsole -D 9 > file 2>&1
> to capture the detailed debug log to file. This should give us more
> information about what it's doing when it gets that exception.
Using tcplow to sniff the admin console port, the admin server is
definitely trying to talk ssl.
Is there a method of telling the admin server _not_ to use SSL? I have
searched high and low inside the directory, and all the config I can
find has the admin server defined with SSL disabled.
Alternatively, is there a way to switch SSL on on the admin server
without using the console?
1) edit admin-serv/config/console.conf and change
NSSEngine from "on" to
"off"
2) find the cn=configuration entry for the admin server:
ldapsearch -x -D "cn=directory manager" -w password -s sub -b
o=netscaperoot "nsserversecurity=on"
3) If this returns the config entry for the admin server, use ldapmodify
to turn security off:
ldapmodify -x -D "cn=directory manager" -w password
dn: dn returned above
changetype: modify
replace: nsServerSecurity
nsServerSecurity: off
4) restart admin server - restart-admin
This should cause admin server to use http instead of https.
Regards,
Graham
--
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users