[Fedora-directory-users] Solaris 9 ssl/tls setup. (security library: bad database.)
Michael Montgomery
mmontgomery at theplanet.com
Tue Dec 20 18:14:49 UTC 2005
I was installing old netscape-communicator when I posted last, and the db's it created got me further:
Dec 20 12:07:02 solarisldap nscd[2100]: libldap: CERT_VerifyCertName: cert server name 'server-cert' does not match 'ldapserver': SSL connection denied
Dec 20 12:07:02 solarisldap nscd[2100]: libsldap: Status: 85 Mesg: openConnection: simple bind failed - Timed out
Dec 20 12:07:02 solarisldap nscd[2100]: libsldap: Status: 7 Mesg: Session error no available conn.
So at least I got here... I'll look around some more to try and disable this verifycertname crap, or re-create the cert correctly.
Thanks again.
On Tue, 2005-12-20 at 12:09 -0600, Michael Montgomery wrote:
> Thanks, I'll give these a shot...
>
> On Tue, 2005-12-20 at 10:03 -0800, George Holbert wrote:
> > >
> > > Solaris 8 and Solaris 9 look for cert7.db, not cert8.db.
> >
> > Furthermore,
> > Some versions of certutil will generate a certificate DB called
> > cert7.db, but Solaris still won't like it.
> >
> > I've found that certutil as bundled in the Sun DSRK works well for
> > generating Solaris client cert DBs:
> > http://www.sun.com/download/products.xml?id=3f74a0db
> >
> > NSS 3.3.2 should also work:
> > http://www.mozilla.org/projects/security/pki/nss/release_notes_332.html
> >
> >
>
More information about the Fedora-directory-users
mailing list