Sorry my capture is not on the mail, it's the point 12.2.1. 4.c.Go to
the *CA Certs* tab, and click *Install* at the bottom of the window.
On this link:
Thanks for the new Link !
@Rich Megginson "It's not the 389DS server certificate, but the CA
certificate for the CA that issued the 389DS server certificate, that you
need for PassSync"
@Grzegorz Dwornicki "But you must generate cert for DS on AD CA. Then
you need to import this cert with AD CA cert on DS"
Sorry I don't understand "CA certificate for the CA that issued the 389DS
server certificate", I have to export this one below to the AD? (it's empty
on this capture, but with CA certificate on my directory server):
@Grzegorz Dwornicki --> do you have a procedure to do that ? I don't find
in redhat documentation. (when you said AD CA, do you consider that AD CA
= Authority installed on my AD ?)
Many thanks, for your answers. And your patience about my translation
problems.
Best regards,
Alex
2013/3/27 Grzegorz Dwornicki <gd1100(a)gmail.com>
> I had missunderstood you im this case. No you don't need to create second
> CA. But you must generate cert for DS on AD CA. Then you need to import
> this cert with AD CA cert on DS
>
> Greg.
> 27 mar 2013 15:41, "alexandre" <axel0felix(a)gmail.com> napisał(a):
>
> I'm really impressed by the reactivity of this list !!!
>>
>> Sorry my understanding is not perfect because i'm french, so I don't
>> have any CA in my DS, I have one CA (installed on my domain controller).
>>
>> Do I need to install a CA in my DS ? (when I write CA for me it means a
>> Authority).
>>
>>
>> Alex
>>
>>
>> 2013/3/27 Grzegorz Dwornicki <gd1100(a)gmail.com>
>>
>>> If you have diferent CA in AD vs DS then you need to do this import.
>>>
>>> AD by default don't use LDAPS or STARTSSL soo you need to install ms
>>> cert CA stuff.
>>>
>>> Greg.
>>> 27 mar 2013 15:07, "alexandre" <axel0felix(a)gmail.com>
napisał(a):
>>>
>>>> Hello,
>>>>
>>>> I try to follow this procedure :
>>>>
>>>>
>>>>
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/8...
>>>>
>>>> Everything works fine, except I don't understand right this line:
>>>>
>>>> "Import the CA certificate from Directory Server into Active
>>>> Directory. Click *Trusted Root CA*, then *Import*, and browse for the
>>>> Directory Server CA certificate."
>>>>
>>>> For me CA certificate, it's a certificate from the Authority, so in
my
>>>> Active Directory the certificate from the authority is already know in
the Trusted
>>>> Root CA.
>>>>
>>>> So, do I need to import 389DS server certificate in my active
>>>> directory ?
>>>>
>>>> And finally, there is no indication to do that, someone can help me to
>>>> pass through ?
>>>>
>>>> Thanks in advance.
>>>>
>>>> Best regards,
>>>> Alex
>>>>
>>>> --
>>>> 389 users mailing list
>>>> 389-users(a)lists.fedoraproject.org
>>>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>>>>
>>>
>>> --
>>> 389 users mailing list
>>> 389-users(a)lists.fedoraproject.org
>>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>>>
>>
>>
>> --
>> 389 users mailing list
>> 389-users(a)lists.fedoraproject.org
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>