- [root@ldap slapd-ldap]# pk12util -d . -o server2.p12 -n directory-Server-Cert-2
- Enter Password or Pin for "NSS Certificate DB":
- Enter Password or Pin for "NSS Certificate DB":
- Enter password for PKCS12 file:
- Re-enter password:
- pk12util: PKCS12 EXPORT SUCCESSFUL
- [root@ldap slapd-ldap]# certutil -L -d . -n "CA certificate" -a > cacert.asc
- [root@ldap02 slapd-ldap02]# pk12util -d . -i server2.p12
- Enter Password or Pin for "NSS Certificate DB":
- Enter password for PKCS12 file:
- pk12util: PKCS12 IMPORT SUCCESSFUL
- [root@ldap02 slapd-ldap02]# certutil -A -d . -n "CA certificate" -t "CT,," -a -i cacert.asc
- [root@ldap02 slapd-ldap02]# service dirsrv restart
- [root@ldap02 slapd-ldap02]# service dirsrv restart
- Shutting down dirsrv:
- ldap02... [ OK ]
- Starting dirsrv:
- ldap02...Enter PIN for Internal (Software) Token:
- [15/Jan/2013:15:39:54 -0800] - SSL alert: CERT_VerifyCertificateNow: verify certificate failed for cert directory-Server-Cert-2 of family cn=RSA,cn=encryption,cn=config (Netscape Portable Runtime error -8182 - Peer's certificate has an invalid signature.)
- [ OK ]
- [root@ldap02 slapd-ldap02]#
- On the Primary
- [15/Jan/2013:15:40:41 -0800] conn=13 fd=65 slot=65 connection from 10.2.3.69 to 10.2.2.128
- [15/Jan/2013:15:40:41 -0800] conn=13 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
- [15/Jan/2013:15:40:41 -0800] conn=13 op=0 RESULT err=0 tag=120 nentries=0 etime=0
- [15/Jan/2013:15:40:41 -0800] conn=13 op=-1 fd=65 closed - SSL peer cannot verify your certificate