[Fedora-directory-users] SSL problem on replication!
Richard Megginson
rmeggins at redhat.com
Tue Mar 28 15:10:36 UTC 2006
Alex aka Magobin wrote:
> As suggested, I checked if ssl worked....to test it I did a fresh
> install and I corrected the problem about node, now each node use its
> real address and name (I moved in future cluster configuration)...About
> SSL I exactly follow documentation and your tips...according with SSL
> howto in fedora wiki directory, I follow it until "Importing the CA cert
> into another Fedora DS"...after that:
>
> - in console I activated ssl for my directory.
> - I restarted directory server
> - In log I can see that now slapd listening on all interfaces on port
> 389 and port 636 for LDAPS requests.
>
> unfortunatly, when I try :
>
> ldapsearch -ZZ -h nodo1.domain.example.com -b
> "dc=domain,dc=example,dc=com" -s sub "objectclass=*"
>
> the answer is:
>
> SSL initialization failed: error -8174 (security library:bad database)
>
The instructions at
http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients
refer to /usr/bin/ldapsearch and other openldap clients (e.g. pam_ldap,
nss_ldap, other system LDAP usage). We do not have instructions for
using /opt/fedora-ds/shared/bin/ldapsearch with SSL (but we should). I
suggest following the instructions at the link specified above and use
/usr/bin/ldapsearch to test SSL.
> ..but in log...nothing
>
> I tried also to erase db andfollowing the link below to make it
>
> http://www.redhat.com/docs/manuals/dir-server/ag/7.1/ssl.html#1087158
>
If you want to just start over from scratch, I suggest using the
setup_ssl.sh script found here -
http://directory.fedora.redhat.com/wiki/Howto:SSL#Script
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060328/63bb3f9a/attachment.bin>
More information about the Fedora-directory-users
mailing list