Andreas Kekkou wrote:
Hi Richard,
Nothing has changed. Executing the command you have suggested on both
servers I get the same output:
[root@serverA alias]# ../shared/bin/certutil -L -P slapd-serverA- -d .
serverA-cert u,u,u
Computer Science Department CA CT,,
[root@serverB alias]# ../shared/bin/certutil -L -P slapd-serverB- -d .
serverB-cert u,u,u
Computer Science Department CA CT,,
Is there anything else I have to check?
grep -i personality
/opt/fedora-ds/slapd-instancename/config/dse.ldif
The personality name should match with the server cert name in your certdb.
Cheers.
Andreas
Richard Megginson wrote:
> Andreas Kekkou wrote:
>> Hi all,
>>
>> I'm running FDS in multi-master mode with two servers. Both servers
>> are configured with TLS support. One of the servers logs the
>> following error:
>>
>> [25/Oct/2007:08:50:55 +0300] - attrcrypt_unwrap_key: failed to
>> unwrap key for cipher AES
>> [25/Oct/2007:08:50:55 +0300] - Failed to retrieve key for cipher AES
>> in attrcrypt_cipher_init
>> [25/Oct/2007:08:50:55 +0300] - Failed to initialize cipher AES in
>> attrcrypt_init
>> [25/Oct/2007:08:50:55 +0300] - attrcrypt_unwrap_key: failed to
>> unwrap key for cipher AES
>> [25/Oct/2007:08:50:55 +0300] - Failed to retrieve key for cipher AES
>> in attrcrypt_cipher_init
>> [25/Oct/2007:08:50:55 +0300] - Failed to initialize cipher AES in
>> attrcrypt_init
>> [25/Oct/2007:08:50:57 +0300] - slapd started. Listening on All
>> Interfaces port 389 for LDAP requests
>> [25/Oct/2007:08:50:57 +0300] - Listening on All Interfaces port 636
>> for LDAPS requests
>>
>> Both servers seems to work just fine. Any ideas how this can be
>> resolved?
> Has your SSL/TLS configuration changed at all? Have you acquired a
> new cert or renewed an existing cert?
> cd /opt/fedora-ds/alias
> ../shared/bin/certutil -L -P slapd-instance- -d .
>>
>> Thanks,
>>
>> Andreas
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users(a)redhat.com
>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users