I am running into an issue with adding temporary trusted certs to 389 directory server running on redhat 6.6.


I have been following this guide step by step to install self-signed certs: https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/8.1/html/Deploy_and_Install_Guide/ds-self-signed.html


After generating the certs using certutil, and adding them as trusted certs in 389, I check the enable ssl checkbox in the 389 directory console.


I continue to follow the next steps until I reset the dirsrv service.  The dirsrv service will not restart. Error message (notice I changed the secure port to 1636 this time but get same results leaving it as 636):


[10/Jul/2015:08:35:23 -0600] - slapd started.  Listening on All Interfaces port 389 for LDAP requests

[10/Jul/2015:08:38:58 -0600] - The change of nsslapd-secureport will not take effect until the server is restarted

[10/Jul/2015:08:39:49 -0600] - slapd shutting down - signaling operation threads

[10/Jul/2015:08:39:49 -0600] - slapd shutting down - waiting for 27 threads to terminate

[10/Jul/2015:08:39:49 -0600] - slapd shutting down - closing down internal subsystems and plugins

[10/Jul/2015:08:39:49 -0600] - Waiting for 4 database threads to stop

[10/Jul/2015:08:39:49 -0600] - All database threads now stopped

[10/Jul/2015:08:39:49 -0600] - slapd stopped.

[10/Jul/2015:08:39:52 -0600] createprlistensockets - PR_Bind() on All Interfaces port 1636 failed: Netscape Portable Runtime error -5966 (Access Denied.)


Do any of you have any ideas of what is causing this issue or what I may be doing wrong? If you need more information please do not hesitate to ask.