>> What's not necessary? Note that the admin server and
directory server
>> have separate cert databases. Also note that the NSS crypto team is
>> working towards a unified system-wide cert db.
>>
>
> That could have been more clear, I meant that a lack of certs in the Admin Server db
should not cause an error when trying to access cert information in the >directory
server db. But as I said that is from 10 000 feet viewpoint.
>
The SSL client must have a CA cert. In this case, the SSL client is the
Admin Server, and the SSL server is the configuration directory server
(the directory server that holds o=NetscapeRoot). When the "Use SSL in
Console" is selected, the console and admin server will use SSL to
contact the configuration DS.
Just to clarify this.
Do I only need the CA cert in the /etc/dirsrv/admin-serv/ cert database or do I need the
server CA in there as well. If so I could for all intents and purposes copy
/etc/dirsrv/slapd-testserver/*.db to /etc/dirsrv/admin-serv/ ?
Also I am not sure where the certdb password for /etc/dirsrv/admin-serv/ is stored?
Regards
________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from
MessageLabs to scan all Incoming and Outgoing mail for viruses.
________________________________________________________________________