Hi Fernando,
On 8/22/19 5:21 AM, Fernando Fuentes wrote:
Is there a how to for this procedure?
## Convert to PKCS#12:
# openssl pkcs12 -export -out demo.p12 -inkey
pki/private/demo.example.com.key -in pki/issued/demo.example.com.crt
Enter pass phrase for pki/private/demo.example.com.key:
Enter Export Password:
Verifying - Enter Export Password:
# Import to DS NSS DB:
# pk12util -i demo.p12 -d /etc/dirsrv/slapd-instance_name/ -W password
Enter Password or Pin for "NSS Certificate DB":
pk12util: no nickname for cert in PKCS12 file.
pk12util: using nickname:
demo.example.com
pk12util: PKCS12 IMPORT SUCCESSFUL
## Display the imported cert:
# certutil -d /etc/dirsrv/slapd-instance_name/ -L
Certificate Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
demo.example.com u,u,u
## Display the imported private key:
# certutil -d /etc/dirsrv/slapd-instance_name/ -K
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private
Key and Certificate Services"
Enter Password or Pin for "NSS Certificate DB":
< 0> rsa ec30598b2107c71dd69494d51d7de6ef0e57ffbe
demo.example.com
Please let me know if it works, and DS does not complain about it when
you use the key/cert.
Regards,
Marc
--
Marc Muehlfeld (Senior Technical Writer)
Customer Content Services
_______________________________________________________________________________
Red Hat GmbH, Werner-von-Siemens-Ring 14, 85630 Grasbrunn, Germany
http://www.de.redhat.com/, Registered seat: Grasbrunn,
Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Charles Cachera, Michael O'Neill,
Tom Savage, Eric Shander