I noticed that the server was extracting the PEM files from the keystore by default and was wondering if there was really any use for this being on by default.

The relevant setting is nsslapd-extract-pemfiles.



Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699 x788

-- This account not approved for unencrypted proprietary information --