[Fedora-directory-users] Managing key3.db file
Rob Crittenden
rcritten at redhat.com
Fri Feb 27 14:14:33 UTC 2009
Emmanuel BILLOT wrote:
> Hi,
>
> I want to use an external certificate (not generated by FDS/RHDS console).
> I have a crt file and a key file.
>
> Is there any method to add the key file to key3.db ?
>
> Is it possible to add a 'not FDS generated cert" to FDS ?
>
> BR,
>
Sure. The easiest way would be to make a PKCS#12 file out of the cert
and key and load that into the FDS database.
This will make a certificate with the nickname Server-Cert and add it to
FDS:
# openssl pkcs12 -export -in cert.pem -inkey key.pem -out cert.p12 -name
"Server-Cert"
# pk12util -i cert.p12 -d /etc/dirsrv/slapd-INSTANCE
You'll still need to add and trust the CA certificate that issued your
server cert.
rob
More information about the 389-users
mailing list