[Fedora-directory-users] Solaris 9 ssl/tls setup. (security library: bad database.)

Michael Montgomery mmontgomery at theplanet.com
Tue Dec 20 18:06:10 UTC 2005 

Thanks for the info... but

I don't have netscape installed on this solaris server, so i can't use
it to create the db.  I found a certutil package that seems to create
old db files here:

http://www.gurulabs.com/goodies/downloads.php

I guess I could install a really old version of netscape on my desktop
machine, and use it, but is there an easier way to go about this, as
trying to import the server cert gives this:

bash-3.00# /usr/local/bin/certutil -A -n "CA certificate"
-i /root/cert.crt -t
"CTu,u,u"
certutil: could not obtain certificate from file: Failure to load
dynamic library.

Thanks again for any help you can offer.

On Tue, 2005-12-20 at 12:40 -0500, Jamie McKnight wrote:
> On Tue, 2005-12-20 at 11:31 -0600, Michael Montgomery wrote:
> > I have successfully gotten solaris 9 (patched with recommended patches)
> > to work without using ssl/tls, but can't seem to get ssl/tls working.
> > I've read the following:
> > 
> > http://directory.fedora.redhat.com/wiki/Howto:SolarisClient
> > and this
> > http://forum.sun.com/thread.jspa?threadID=12811&tstart=30
> > 
> > And multiple other links to getting this working, but can't seem to get
> > it to initialize the database.  Everything in my ldap directory appears
> > to be setup, being that redhat and freebsd with ssl work without issues,
> > and solaris 9 works without tls/ssl, so the issue, I assume, is with the
> > *.db files in /var/ldap.
> > 
> > bash-3.00# pwd
> > /var/ldap
> > bash-3.00# ls -l *.db
> > -r--r--r--   1 root     other      65536 Dec 20 11:07 cert8.db
> > -r--r--r--   1 root     other      16384 Dec 20 11:07 key3.db
> > -r--r--r--   1 root     other      32768 Dec 20 10:26 secmod.db
> 
> Solaris 8 and Solaris 9 look for cert7.db, not cert8.db.
> 
> http://docs.sun.com/app/docs/doc/817-4843/6mkbebdd2?
> a=view#clientsetup-57
> 
> Jamie
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
-- 
Michael Montgomery
Systems Administrator
http://theplanet.com

More information about the Fedora-directory-users mailing list