[389-users] How to export CA certificate into client from server
Arpit Tolani
arpittolani at gmail.com
Sat Jul 28 11:55:12 UTC 2012
Hie
On Sat, Jul 28, 2012 at 5:15 PM, fosiul alam <expertalert at gmail.com> wrote:
> Hi
> thanks I understand i will have to start from scratch for certificate
> .. but few explanation i need
>
> My ldapserver host name is : ldap-2.fosiul.lan
> and I just cn="Directory Manager"
>
>
Try below.
# certutil -S -n "directory-Server-Cert" -s "cn=ldap-2.fosiul.lan" -c
"CA certificate" -t "u,u,u" -m 1001 -v 720 -d . -k rsa
> so according to those info.. what shall i put in ,
> dc=directory ???
> and
> cn=directory.example.com" ???
>
> My server hostname or "Directory Manager"
>
> # certutil -S -n "CA certificate" -s "cn=CA
> cert,dc=directory,dc=example,dc=com" -2 -x -t "CT,," -m 1000 -v 720 -d . -k
> rsa
>
> Make sure you say yes to "Is this a CA certificate [y/N]?" and everything
> else will be default.
>
> Next we create your server cert. Make sure your cn is your FQDN of this
> server.
>
> # certutil -S -n "directory-Server-Cert" -s "cn=directory.example.com" -c
> "CA certificate" -t "u,u,u" -m 1001 -v 720 -d . -k rsa
>
> Thanks for your help .
> Really appreciate ..
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
Regards
Arpit Tolani
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20120728/07f1201e/attachment.html>
More information about the 389-users
mailing list