Hello,
I want to Configure the Password Sync Service and do this command (in / etc/dirsrv/slapd-instance):
"certutil -d . -L -n "CA certificate" -a > dsca.crt"
But "CA certificate" doesn't exist. As I can see in web:
" /etc/dirsrv/slapd-[instance name]
This is where the certificates for the directory instance are stored, as well as its pin.txt file. "
So I can't export server certificate on my Windows server.
Thanks in advance !
Again in your case: you need to export CA cert from Windows AD CA and import it to DS
Greg. 28 mar 2013 11:05, "alexandre" axel0felix@gmail.com napisał(a):
Hello,
I want to Configure the Password Sync Service and do this command (in / etc/dirsrv/slapd-instance):
"certutil -d . -L -n "CA certificate" -a > dsca.crt"
But "CA certificate" doesn't exist. As I can see in web:
" /etc/dirsrv/slapd-[instance name]
This is where the certificates for the directory instance are stored, as well as its pin.txt file. "
So I can't export server certificate on my Windows server.
Thanks in advance !
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Yes I did it (I put the capture on the attached-file)
But nothing in /etc/dirsrv/slapd-[instance name]/
Thanks
2013/3/28 Grzegorz Dwornicki gd1100@gmail.com
Again in your case: you need to export CA cert from Windows AD CA and import it to DS
Greg. 28 mar 2013 11:05, "alexandre" axel0felix@gmail.com napisał(a):
Hello,
I want to Configure the Password Sync Service and do this command (in / etc/dirsrv/slapd-instance):
"certutil -d . -L -n "CA certificate" -a > dsca.crt"
But "CA certificate" doesn't exist. As I can see in web:
" /etc/dirsrv/slapd-[instance name]
This is where the certificates for the directory instance are stored, as well as its pin.txt file. "
So I can't export server certificate on my Windows server.
Thanks in advance !
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
if my memory is correct the command will export ca cert from ds database but you have that cert from Windows. This steep is not needed in your case. However if you remove -n, -a options with redirection to file (the greater sygn along with dsca.crt), then you will get listing of your DS's database. This listing will tell you wiat you an use with -n option.
Greg. 28 mar 2013 11:15, "alexandre" axel0felix@gmail.com napisał(a):
Yes I did it (I put the capture on the attached-file)
But nothing in /etc/dirsrv/slapd-[instance name]/
Thanks
2013/3/28 Grzegorz Dwornicki gd1100@gmail.com
Again in your case: you need to export CA cert from Windows AD CA and import it to DS
Greg. 28 mar 2013 11:05, "alexandre" axel0felix@gmail.com napisał(a):
Hello,
I want to Configure the Password Sync Service and do this command (in / etc/dirsrv/slapd-instance):
"certutil -d . -L -n "CA certificate" -a > dsca.crt"
But "CA certificate" doesn't exist. As I can see in web:
" /etc/dirsrv/slapd-[instance name]
This is where the certificates for the directory instance are stored, as well as its pin.txt file. "
So I can't export server certificate on my Windows server.
Thanks in advance !
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
On 03/28/2013 04:05 AM, alexandre wrote:
Hello,
I want to Configure the Password Sync Service and do this command (in /etc/dirsrv/slapd-instance): "certutil -d . -L -n "CA certificate" -a > dsca.crt"
But "CA certificate" doesn't exist. As I can see in web:
"|/etc/dirsrv/slapd-[instance name]|
This is where the certificates for the directory instance are stored, as well as its|pin.txt| file. "
So I can't export server certificate on my Windows server.
certutil -d /etc/dirsrv/slapd-* -L and certutil -d /etc/dirsrv/admin-serv -L
Let's see what certs you do have. Older versions of 389 had a bug - the console would install the CA cert in /etc/dirsrv/admin-serv but not in /etc/dirsrv/slapd-*
Thanks in advance !
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Thanks for these commands. I can this my certificates.
2013/3/28 Rich Megginson rmeggins@redhat.com
On 03/28/2013 04:05 AM, alexandre wrote:
Hello,
I want to Configure the Password Sync Service and do this command (in / etc/dirsrv/slapd-instance):
"certutil -d . -L -n "CA certificate" -a > dsca.crt"
But "CA certificate" doesn't exist. As I can see in web:
" /etc/dirsrv/slapd-[instance name]
This is where the certificates for the directory instance are stored, as well as its pin.txt file. "
So I can't export server certificate on my Windows server.
certutil -d /etc/dirsrv/slapd-* -L and certutil -d /etc/dirsrv/admin-serv -L
Let's see what certs you do have. Older versions of 389 had a bug - the console would install the CA cert in /etc/dirsrv/admin-serv but not in /etc/dirsrv/slapd-*
Thanks in advance !
-- 389 users mailing list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org