[Freeipa-users] error after change cert
barrykfl at gmail.com
barrykfl at gmail.com
Mon Jul 6 13:45:01 UTC 2015
Do u meant this :
i already add the cert to nss and even \etc\ipa\ ca.cert repalced
[root@(LIVE) slapd-Wwww-COM]$ certutil -d /etc/pki/nssdb -L
Certificate Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
COMODO RSA Domain Validation Secure Server CA CT,C,C
IPA CA CT,C,C
COMODO RSA Certification Authority CT,C,C
2015-07-06 21:39 GMT+08:00 Rob Crittenden <rcritten at redhat.com>:
> barrykfl at gmail.com wrote:
>
>> the cert already in httpd / ldap side. but it prompt error
>>
>> [06/Jul/2015:19:59:16 +0800] - SSL failure: None of the cipher are valid
>> [06/Jul/2015:19:59:16 +0800] - ERROR: SSL Initialization phase 2 Failed.
>>
>> *.wisers.com <http://wisers.com> - COMODO CA
>> Limited u,u,u
>> COMODO RSA Domain Validation Secure Server CA CT,C,C
>> COMODO RSA Certification Authority CT,C,C
>>
>
> Taking a wild guess here due to limited information, but check the value
> of nsSSLPersonalitySSL in cn=RSA,cn=encryption,cn=config. This is the NSS
> nickname of the server certificate to use.
>
> rob
>
>
>>
>> 2015-07-06 20:01 GMT+08:00 <barrykfl at gmail.com <mailto:barrykfl at gmail.com
>> >>:
>>
>> hi:
>>
>> i changed cert lareadty but seemit still keep hisoty of godadday any
>> help.??
>>
>>
>> www-COM...[06/Jul/2015:19:59:15 +0800] - SSL alert: Security
>> Initialization: Can't find certificate (*.wwwcom - GoDaddy.com,
>> Inc.) for family cn=RSA,cn=encryption,cn=config (Netscape Portable
>> Runtime error -8174 - security library: bad database.)
>> [06/Jul/2015:19:59:15 +0800] - SSL alert: Security Initialization:
>> Unable to retrieve private key for cert *.www.com <http://www.com> -
>> GoDaddy.com, Inc. of family cn=RSA,cn=encryption,cn=config (Netscape
>> Portable Runtime error -8174 - security library: bad database.)
>> [06/Jul/2015:19:59:16 +0800] - SSL failure: None of the cipher are
>> valid
>> [06/Jul/2015:19:59:16 +0800] - ERROR: SSL Initialization phase 2
>> Failed.
>>
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150706/6f953f00/attachment.htm>
More information about the Freeipa-users
mailing list