Hi Troy,
have you checked the unix rights of certificate database files ?
cert8.db + key3.db
Please, take a look at the "note" in 7.4.1 here:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9....
Thanks and regards,
German
----- Original Message -----
From: "Troy Axthelm" <Troy.Axthelm(a)uwyo.edu>
To: 389-users(a)lists.fedoraproject.org
Sent: Friday, July 10, 2015 5:33:21 PM
Subject: [389-users] Netscape Portable Runtime error after adding temporary certs
I am running into an issue with adding temporary trusted certs to 389
directory server running on redhat 6.6.
I have been following this guide step by step to install self-signed certs:
https://access.redhat.com/documentation/en-US/Red_Hat_Certificate_System/...
After generating the certs using certutil, and adding them as trusted certs
in 389, I check the enable ssl checkbox in the 389 directory console.
I continue to follow the next steps until I reset the dirsrv service. The
dirsrv service will not restart. Error message (notice I changed the secure
port to 1636 this time but get same results leaving it as 636):
[10/Jul/2015:08:35:23 -0600] - slapd started. Listening on All Interfaces
port 389 for LDAP requests
[10/Jul/2015:08:38:58 -0600] - The change of nsslapd-secureport will not take
effect until the server is restarted
[10/Jul/2015:08:39:49 -0600] - slapd shutting down - signaling operation
threads
[10/Jul/2015:08:39:49 -0600] - slapd shutting down - waiting for 27 threads
to terminate
[10/Jul/2015:08:39:49 -0600] - slapd shutting down - closing down internal
subsystems and plugins
[10/Jul/2015:08:39:49 -0600] - Waiting for 4 database threads to stop
[10/Jul/2015:08:39:49 -0600] - All database threads now stopped
[10/Jul/2015:08:39:49 -0600] - slapd stopped.
[10/Jul/2015:08:39:52 -0600] createprlistensockets - PR_Bind() on All
Interfaces port 1636 failed: Netscape Portable Runtime error -5966 (Access
Denied.)
Do any of you have any ideas of what is causing this issue or what I may be
doing wrong? If you need more information please do not hesitate to ask.
-Troy
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users