[Fedora-directory-users] While re-craeting a SSL certificate I get this error
Rich Megginson
rmeggins at redhat.com
Tue Dec 4 23:46:47 UTC 2007
Steven Jones wrote:
> Hi,
>
> A while back I started the get FDS up and going and it appears I made a
> mistake in the server generation file for the SSl certs, basically I did
> this,
>
> ../shared/bin/certutil -S -n "Server-Cert" -s \
> "cn=vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v \
> 120 -d . -z noise.txt -f pwdfile.txt
>
> When I should have done this,
>
> ../shared/bin/certutil -S -n "Server-Cert" -s \
> "cn=vuwunicvfdsm001.vuw.ac.nz" -c "CA certificate" -t "u,u,u" -m 1001 -v
> \
> 120 -d . -z noise.txt -f pwdfile.txt
>
> So now I am working back through my notes to fix my mistake but at this
> command,
>
> ../shared/bin/certutil -A -d . -P admin-serv-vuwunicvfdsm001- -n "CA
> certificate" -t "CT,," -a -i cacert.asc
>
> I get this error,
>
> ========
> certutil-bin: could not obtain certificate from file: You are attempting
> to import a cert with the same issuer/serial as an existing cert, but
> that is not the same cert.
> [root at vuwunicvfdsm001 alias]#
> ========
>
> How do I fix this please?
>
You need to remove the old CA cert first.
../shared/bin/certutil -D -d . -P admin-serv-vuwunicvfdsm001- -n "CA
certificate"
Then import the new CA cert.
> regards
>
> Steven Jones
> Senior Linux/Unix/San/Vmware System Administrator
> APG -Technology Integration Team
> Victoria University of Wellington
> Phone: +64 4 463 6272
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20071204/bae8946b/attachment.bin>
More information about the Fedora-directory-users
mailing list