Mark Reynolds wrote:
I think the issue was that the new certificate "might" have had the same name as the old one?
I suspect it's because a new private key was generated there are two certs with the same name but different keys.
To re-use the existing private key the easiest way is to simply retain the original CSR and resubmit it when you need renewal. Or you can regenerate it and specify -k <key_id> when you do so to re-use the key rather than generating a new one.
certutil -K -d /path/to/db to get list of keys.
rob
On 8/24/20 9:28 AM, rainer@ultra-secure.de wrote:
Am 2020-08-24 15:18, schrieb Mark Reynolds:
Not sure what the problem is, but if you create a second test DS instance, can you import it there?
Maybe remove the old cert first? If you try that though please make a backup of these files under /etc/dirsrv/slapd-INST: cert8.db, key3.db, and secmod.db in case it doesn't work.
Hi Mark,
it seems that, yes indeed, you have to delete the old certificate first (and then also re-import the intermediate certificate).
Thanks a lot for the hint!
Best Regards Rainer _______________________________________________ 389-users mailing list -- 389-users@lists.fedoraproject.org To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject....