Hello:
I broke access completely to my LDAP after following
the SSL HOWTO (in part because there are 2 sets of
instructions -- one is a Redhat link appearing at the
top of that howto page, which is what I followed and
coincidently broke access with, the other set of
instructions appear on the same page shortly after
that Redhat link and was the correct way I should have
implemented my self-signed certs). I am pretty sure
this has to do with ports since there is some mention
of needing to be at a port above 1024 if installed
root, however I installed and run it as nobody.
How do I go back in and disable SSL now that I can''t
access anything? I can''t seem to log in anywhere now
with my directory manager password.
Thanks for the assistance.
-jeff
____________________________________________________________________________________
Yahoo! oneSearch: Finally, mobile search
that gives answers, not web links.
http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC
Richard Megginson
2007-Aug-30 00:05 UTC
Re: [Fedora-directory-users] Removing SSL, broke access
Jeff wrote:> Hello: > > I broke access completely to my LDAP after following > the SSL HOWTO (in part because there are 2 sets of > instructions -- one is a Redhat link appearing at the > top of that howto page, which is what I followed and > coincidently broke access with, the other set of > instructions appear on the same page shortly after > that Redhat link and was the correct way I should have > implemented my self-signed certs). I am pretty sure > this has to do with ports since there is some mention > of needing to be at a port above 1024 if installed > root, however I installed and run it as nobody. >Why do you think it has to do with ports? Note that the server can run as "nobody" and listen to 389 and/or 636, as long as the servers are _started_ by root (or from init). The server drops privileges after binding to the ports.> How do I go back in and disable SSL now that I can''t > access anything? I can''t seem to log in anywhere now > with my directory manager password. >It depends. But you can usually stop the server, edit dse.ldif, set nsslapd-security: off, save, and start.> Thanks for the assistance. > > -jeff > > > > ____________________________________________________________________________________ > Yahoo! oneSearch: Finally, mobile search > that gives answers, not web links. > http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >