Graham Leggett
2005-Dec-17 20:13 UTC
[Fedora-directory-users] SSL: importing a cert and key - howto anywhere?
Hi all, I have got a basic fedora DS running, and I now need to switch on SSL. I have found the SSL docs, which describe in some detail how to create a CSR, etc etc. The missing detail is how to import a certificate and key you already have - the admin console seems quite happy to import certs, but it seems to be oblivious to the importing of keys. Anyone know what incantation you have to chant to get DS to import a key or a p12 file? Regards, Graham --
Graham Leggett
2005-Dec-17 21:04 UTC
Re: [Fedora-directory-users] SSL: importing a cert and key - howto anywhere?
Graham Leggett wrote:> Anyone know what incantation you have to chant to get DS to import a key > or a p12 file?On a hunch, I tried the pk12util program to import the pk12 file, and it worked. It didn''t however import the CA certificate that was included in the pk12 file for some reason, the admin server refused to start until "EnforceValidCerts off" was added to magnus.conf. Even importing the CA cert manually using certutil made no difference. Regards, Graham --
Richard Megginson
2005-Dec-19 15:25 UTC
Re: [Fedora-directory-users] SSL: importing a cert and key - howto anywhere?
Graham Leggett wrote:> Graham Leggett wrote: > >> Anyone know what incantation you have to chant to get DS to import a >> key or a p12 file? > > > On a hunch, I tried the pk12util program to import the pk12 file, and > it worked. > > It didn''t however import the CA certificate that was included in the > pk12 file for some reason, the admin server refused to start until > "EnforceValidCerts off" was added to magnus.conf. Even importing the > CA cert manually using certutil made no difference.Into which certdb did you manually import it?> > Regards, > Graham > -- > >------------------------------------------------------------------------ > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > >
Richard Megginson
2005-Dec-19 15:27 UTC
Re: [Fedora-directory-users] SSL: importing a cert and key - howto anywhere?
Graham Leggett wrote:> Hi all, > > I have got a basic fedora DS running, and I now need to switch on SSL. > I have found the SSL docs, which describe in some detail how to create > a CSR, etc etc. > > The missing detail is how to import a certificate and key you already > have - the admin console seems quite happy to import certs, but it > seems to be oblivious to the importing of keys.You need the .p12 file and the pk12util, which you have already found.> > Anyone know what incantation you have to chant to get DS to import a > key or a p12 file? > > Regards, > Graham > -- > >------------------------------------------------------------------------ > >-- >Fedora-directory-users mailing list >Fedora-directory-users@redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > >