[389-users] How to use existing SSL cert?
Rich Megginson
rmeggins at redhat.com
Wed Feb 3 17:30:05 UTC 2010
Sean Carolan wrote:
> They are standard x.509v3, RSA 1024 bit encrypted format. Nothing
> exotic, they work fine on Apache web servers...
>
You first need to put them in pkcs12 format. Use the openssl pkcs12 to
combine your existing server cert and private key into a pkcs12 file.
Then, use the pk12util to import your .p12 file into the directory server:
cd /etc/dirsrv/slapd-something
mv cert8.db cert8.db.save
mv key3.db key3.db.save
pk12util -i /path/to/your/file.p12 -d .
If you encrypted your .p12 file, you will have to give the decryption
password. If prompted for the NSS db password, I think you should be
able to just hit Enter.
>
>> What format is your existing private key/cert in?
>>
>>> Thanks
>>>
>>> Sean
>>> --
>>> 389 users mailing list
>>> 389-users at lists.fedoraproject.org
>>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>>
>>>
>> --
>> 389 users mailing list
>> 389-users at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
More information about the 389-users
mailing list