As suggested, I checked if ssl worked....to test it I did a fresh
install and I corrected the problem about node, now each node use its
real address and name (I moved in future cluster configuration)...About
SSL I exactly follow documentation and your tips...according with SSL
howto in fedora wiki directory, I follow it until "Importing the CA cert
into another Fedora DS"...after that:
- in console I activated ssl for my directory.
- I restarted directory server
- In log I can see that now slapd listening on all interfaces on port
389 and port 636 for LDAPS requests.
unfortunatly, when I try :
ldapsearch -ZZ -h
nodo1.domain.example.com -b
"dc=domain,dc=example,dc=com" -s sub "objectclass=*"
the answer is:
SSL initialization failed: error -8174 (security library:bad database)
refer to /usr/bin/ldapsearch and other openldap clients (e.g. pam_ldap,
nss_ldap, other system LDAP usage). We do not have instructions for
using /opt/fedora-ds/shared/bin/ldapsearch with SSL (but we should). I
suggest following the instructions at the link specified above and use
/usr/bin/ldapsearch to test SSL.
..but in log...nothing
I tried also to erase db andfollowing the link below to make it
http://www.redhat.com/docs/manuals/dir-server/ag/7.1/ssl.html#1087158
If you want to just start over from scratch, I suggest using the
setup_ssl.sh script found here -
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users