[389-users] SSL initialization Failed

[Luigi Santangelo]

Hi guru,
i have a problem with enabling SSL in my Fedora Directory Server. I already
searched with google and I have found other people that have same problem
but, following the instructions, I cannot resolve my problem (maybe my
problem has a different source).
I start by saing that in the past I have enabled SSL on FDS 1.2.5
succesfully, but with FDS 1.2.12 rc2 I cannot.
On my Fedora 16, with kernel 3.2.7-1, I installed FDS 1.2.12rc2. Then, I
created a request for the Directory Server (using Manage Certificates).
During this operation, I inserted the FQDN in Server Name field and I
completed other field (Organization, State, etc). Then I exported the
request and, using a my self-signed CA, I created a cert for the server. I
imported server and CA certs succesfully. In the Certification Path tab of
server cert, I can see the correct chain (server and ca certs). But when I
enable SSL for my server (with Encryption tab) and I restart my server, it
cannot start correctly and give me this error:

SSL alert: Security Initialization: Unable to authenticate (Netscape
Portable Runtime error -8192 - An I/O error occurred during security
authorization.)
ERROR: SSL Initialization Failed.

But if I create a key and cert with openssl for my server (then not
creating the request and sign it, but creating the cert directly with
openssl), I export the cert in p12 format and I import it with certutil
utility, it works fine: I can enable SSL and I can restart my server
without any problem.

Then, I thing that I wrong to insert the information during generation
request. Can you help me?

Another question (mere curiosity): why RedHat Directory Server and Fedora
Directory Server have different version number? Its doesn't offer the same
features? Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20120307/b9d8d89c/attachment.html>