[Fedora-directory-users] SSL problems/questions for Fedora DS 1.02
Dellwo, Martin J. [NCSUS]
MDELLWO at ncsus.jnj.com
Thu Jun 22 16:51:23 UTC 2006
Hello,
How can one start up Fedora directory (1.02) server instances when one is
using SSL? Can it be configured to read the security database password from
a file? I believe it may have given me the option initially and I did not
take advantage of it, so I am particularly wondering how to set up automatic
startup (with no password prompt) after it is already set up to prompt.
Right now, I have slapd running with SSL turned on, but could not restart
the admin server after turning it on. I was able to edit two admin server
configuration files to turn it back off for the admin server, so now I can
start it without SSL. Any pointers to detailed documentation for using SSL
with admin server?
I also now have a new problem where I cannot open the 'Manage Certificates'
task for the directory server (slapd) instance itself. In the admin server
http logs I get this error
[Thu Jun 22 11:56:06 2006] [notice] [client 10.24.224.137]
admserv_host_ip_check: ap_get_remote_host could not resolve xxx.xxx.xxx.xxx
Even though xxx.xxx.xxx.xxx is the IP address of the local server (both
where slapd is running and where I am running the console from). It is
properly defined in both the local /etc/hosts and in DNS. At the same time,
the console gives a pop-up error, "org.mozilla.ssl.SSLSocketException:
SSL_ForceHandshake failed: (-5938) Encountered end of file."
Since I think this could be related to an out-of-date certificate CRL, how
can one import new CRLs using command line tools?
Thanks,
Marty
--
Martin J. Dellwo
NCS Pharma R&D (Exton)
NCS, a Johnson & Johnson Company
mdellwo at ncsus.jnj.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20060622/ac8bff57/attachment.html>
More information about the 389-users
mailing list